Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=www.theassetmatrix.com
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
October 10, 2025
Valid Until
January 08, 2026
42 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
1D:52:40:3D:0D:E9:28:53:9F:D7:37:C0:A0:96:83:7A:67:C0:E7:54:E8:0F:A7:C6:91:7C:3C:36:D4:DA:02:03
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
www.tri-tech.it
adoratorio.com
amboapp.com
www.ambulancegps.com
www.antre2.eu
auth.anytime.tw
asanchez.dev
info.atlfs.org
shopguide.automatecommerce.com
admin.internal.blueheart.io
bonusround.games
www.bonusskate.com
app.boulder.care
portal.causeway.ai
www.chichaq.com
www.clientgrip.com
www.kptech.co.in
coffeeandcodingpod.com
www.conciergepro.app
crgruas.com
cygniahealthcare.com
login.staging.daybridge.io
www.deruytter.net
www.dharshinisricrackers.com
dinnr-time.com
pattison.docmasweetspot.ca
gereedschap.edeboerzn.nl
lcguadalupe.edu.sv
estatesync.io
evenmore.tech
www.sinea.far.st
cp.feverplan.com
furkanelmas.dev
geisonroberto.dev
gtekdevs.com
shop.gyanaloy.com
hackmattr.com
client.healiam.com
web.hipposrl.com
hisnehaseen.com
painel-app.ias-rs.com.br
legacy.prod.invita.gmbh
isthisyournumber.com
share.ixfi.com
link.jevitty.com
www.jonahphotography.in
karen-joynson.co.uk
kartsyapp.com
www.kdev.app
www.laurence.com.ar
a1.lider.cl
makerdays.co.za
mangosolutions.info
www.meier.uk
meladog.it
link.migrama.co
backend.mikiz.online
www.nashscoring.com
orders.njgourmetfoods.com
www.okyzo.ma
migrate.marketplace.openblox.io
eu1.pathadvice.ai
breton-top.petit-bateau.co.uk
my.phi-app.io
admin.marathon.phuket.run
www.docs.pixelover.io
chat.prismdisplay.com
admin.proscenium.app
putafriedeggonit.com
iverdura.quetzaltech.net
appointment.rapo.app
www.reopucino.com
maestro.rotaractmora.org
www.sayuri.design
www.sh4rp.ca
password.sheech.app
info.sitespirit.nl
slaypay.co
app.socialsense.ai
www.softruler.com
joinseneca.softway.com
basketball.stattracker.com
www.supremesportsguk.com
link.tags.lk
www.theassetmatrix.com
okane.staging.thechefkart.com
thermalperformance.app
www.thermolog.biz
www.tiac-kw.com
tideeditmusic.com
inventory.townsendharris.org
tripfriday.com
talent.ultrix.digital
api.useragentapi.io
office-uat.vennapps.com
violance.it
wallofadvertisements.com
wolexchange.com
wordleap.co
www.yonqu.com
Other domains in certificate