Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=thinksimplebms.com
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
November 29, 2025
Valid Until
February 27, 2026
86 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
7B:6D:F6:F3:8D:C5:9D:E7:D4:A0:7A:8B:35:2C:47:BC:A2:9E:DC:D9:DC:CE:1C:C8:21:33:D3:FE:71:74:3D:FD
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
www.rapidpas.com
acuflow.de
ahsantraders.store
bishky.aimcomely.com
traucy.aimcomely.com
aksolutions.dev
www.alignchiroclinic.com
ancient.life
www.apc4u.ro
www.mail-sign-pro.applaud.ee
arthpanchani.com
www.baz-travel.com
capimora.com
cheapy.site
add2cart.co.il
blog.ezhard.co.il
plus.colavosalon.com
coreyjeffers.com
cuddlycrochet.com
declaraties.cultusinn.nl
curveclash.com
consumer-frontend.production.munster.delcom.nl
dictallab.com
fire.maxye.dpdns.org
www.registration.egraft.eu
www.eurosea.in
filipamoura-psicologa.pt
fortcell.com
fe.gbsap.gblinfra.in
new.gixtra.com
guidez.pl
hbkabir.dev
www.heirloomreci.pe
www.jonahhalili.com
checkin.kahu.work
www.karbotronics.com
pqs-optimaal.koenenenco.nl
n-oble.kro.kr
omomaze.kumunua.kr
www.ibeautycrm.lexcellence-grp.com
demo.liveevent.co.za
yc-ai.max-arnold.dev
loguenodepalma.mewo.es
kiosk.atlas-apps.mit.edu
mjukis.dev
admin.myrlc.com
auth.netwerk24.com
www.nordchip.com
auth.onlinedoctor.co.jp
www.orcas-valle.com
slackline.outravibe.com.br
www.piinsightshk.com
www.profmarianacosme.com.br
img.prologue-nola.com
static.questionable.io
quierotecho.com.mx
ratemyuni.co.nz
rinconmuma.com
www.sahasteelfurniture.com
scenestudios.io
ticket-shop.schillingroofbar.com
player-dev.screenlime.app
simskuwait.com
www.sleepyjoegame.com
slkenterprises.in
auth.smartpost-ai.com
canary.starly.io
www.stcm.dev
www.stjohnhaifa.com
stock-sheet.com
rora.surrealsolutions.blog
map.suzukigo100.co.za
bodagaldamezvaldivieso.swanmoments.net
npo.swoovy.com
www.techsfo.com
cortex.tempestapps.io
tugucci.tetsuhiro.dev
app.teyoh.com
www.thecampus.education
app.thefitfever.com
themindfighter.in
thinksimplebms.com
www.toddwseattle.com
translorry.com
ulectron.com
ultimatetitleloans.com
unicornshift.ai
usefrostapp.com
auth.usephoton.com
www.vanessarecipe.com
offers.veerahealth.com
www.virtukart.com
visionsfromyou.com
www.visionsfromyou.com
vivegames.co
www.yavantha.com
yoganowworld.com
youki-bessho.com
www.yulamove.com
yumme.pro
Other domains in certificate