Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=www.checkin.certifysimple.com
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
December 16, 2025
Valid Until
March 16, 2026
81 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
18:C4:59:F5:9F:CD:B6:41:FF:11:F4:85:56:D9:10:A6:34:74:30:50:3B:9A:0B:AF:1A:FD:D9:24:E5:C0:4E:3F
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
todo.moritz.dev
auth.a-web.online
fambola.aimcomely.com
app.alphafaktor.de
alphavital.com.co
stage.alrehwan.com
www.americanboard-us-edu.com
www.ardadagkilic.com
blog.avada.app
wholesale.beverich.jp
live.bylinedenmark.dk
www.checkin.certifysimple.com
chatmyorder.com
chatwitheve.com
clicknexttest.biz
thebrandhub.co.in
dev.coin-flipper.cash
app.collegeleaps.com
confissoesanonimas.xyz
staging.admin.convercus.io
copycattr.com
midtown-questionnaire.cuona.io
frc.divisions.co
dmscreener.dmtrading.fr
www.dokookchoe.com
www.ecoderce.com
www.eduniapps.com
dev.eva-zeus.app
www.felicette.app
www.curvemax.flosspass.com
www.funkeycreators.com
dev.auth.api.botano.girrasoft.com
www.ha.family
office.highfive.tokyo
www.holoverse.dev
app.honeygrow.com
ilovepinky.com
onlinecareer.indiandevelopers.org
www.inscouts.com
www.invosglobal.com
www.jacobcraven.com
jenniferhicksart.com
www.jesustheway.app
emarshak-promise-dev.clients.joinpromise.com
amikasorteio.kartindo.app
qa.laboratoriodentalsalva.com
lacasaka.com
www.learnspn.com
zorg.leefstijl.app
ligainterflag.com
www.llmstxttool.site
localguru.co
lwiz.uk
makeone.dev
console.makrshakr.app
nerdpiano.com
zurai.oblicx.com
onepunchcamp.com
openshutthem.com.au
ostfoldserien.no
www.ouitalking.com
og-builder-cdn.outgrow.co
www.pokercity.com
ponnuswamyresidency.in
primemobility.de
aiforypro.qrq.app
researchercircle.com
pwa-drivers.revoolt.me
ridento.com
www.rospilot.com
samaria.app
www.servnology.app
online.shantimakaan.com
www.smoco.com
snackchat.app
www.solsticeaircharter.com
human.sowl.app
sthex.com
auth.swatchub.com
glass-shop.tech-scheduler.com
thanaphon.dev
thisability-global.com
app.threebirdskitchen.com
www.tigg.app
reservation-dev.zyon.tockall.com
staging.toeglo.com
truenorthjourneystravel.com
driver.tucar.app
ultimatecoach.app
www.unio-stone.de
link.upspot.app
uzmalibu.com
nationalparks.vaughanlabs.com
voguebytonia.com
www.whobannedtiktok.com
wiseeyes.app
app.withorbit.com
wynnethepooh.com
xex888.com
quotation.yutunghsiao.com
Other domains in certificate