Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=pharmalisterlimited.com
Issuer
C=US, O=Let's Encrypt, CN=R13
Valid From
December 27, 2025
Valid Until
March 27, 2026
78 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
3F:5A:B1:15:8E:B2:4F:24:77:7A:76:68:3C:1B:C8:AB:07:83:0C:6A:FB:BD:04:54:EB:52:E8:18:3E:17:0F:1D
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
api.mult.dev
mangiobevo-5l.5loyalty.com
akatsukistudio.es
www.anny.one
clouddesk.aryantechworld.com
callcenter.ascc.me
coaching.ascc.me
facturacion.ascc.me
cadastro.axedelivery.com.br
baptistmandaue.org
www.baptistmandaue.org
admin.basenoteapp.com
link.beatravelbuddy.com
bin-gerne-hier.de
blazevicius.dev
budgo.pl
bunificado.com
polimots.cem.tf
centrumprzemiana.com
www.centrumprzemiana.com
dl.3o3.co.kr
digitalplatforms.co.zw
colorsinternational.net
www.kindercode.com.my
alishakafle.com.np
cristianbaeza.com
www.dadalou.fr
damayaya.ca
www.damayaya.ca
www.damayaya.com
danielgrijuela.com
whatspent.daryanritul.in
app.duome.co
jobshare.duome.co
workingfamilies-demo.duome.co
tinglybubbleshooter.games235.com
getcredit.link
app.getlinq.io
www.grpromoters.in
fs-dev.hmydynamics.com
impacto.group
moce.io.vn
portfolio.jikugodwill.com
kiwibudget.app
team.kr8tors.com
www.draw-your-polo.lacoste.com
tv.magister.com
quester-demo.makit.lv
www.mansurcan.com
docs.dev.space.massless.io
www.mirtravel-ks.com
moderntune.in
legacy.admin.newsware.com
staging.legacy.admin.newsware.com
app.ovarider.com
painrelief-th.com
www.painrelief-th.com
parquesacuaticos.net
patchcord.io
pharmalisterlimited.com
linktree.prcuisa.com
marketing.procreditecuador.com
www.puntohogares.com
www.raffiesaurus.com
leuat.reaktor.fi
www.rudiraconsultancy.com
connect-ng-asset-management.rxoconnectmain.rxo.com
connect-ng-billing.rxoconnectmain.rxo.com
track.rxoconnect.rxo.com
dashboard.scorethebusiness.com
meet.sond.com
qr.sond.com
mac.songvetkasem.com
www.splitit.dev
public.stattracker.com
www.stianantonsen.com
core.kmp.telereso.io
invite.test.thinkly.me
cdn.troep.xyz
nrl.uctechlabs.com
vuojolahti.fi
www.vuojolahti.fi
signage.waffle.city
xn--15t.dev
xn--3kq879lj4e.com
www.xn--72cf5auzgog3l8a8b0e6a4ee.com
www.xn--72ch8b3ah9btbb7a9dc5u.com
xn--b1agixqq8e.xn--p1ai
xn--fahrprfer-v9a.ch
admin.xn--hier-jra.com
xn--hiss-load.fi
sahkonhinta.xn--hlytyslista-l8a.fi
xn--jorgeluispiarosales-53b.com
test.xn--lnnsgaranti-ggb.no
xn--y8j148r.xn--q9jyb4c
xn--zodewinter-y7a.com
hotspot-red.ynriver.com
www.zdravivsedle.cz
account.zentax.me
zirving.com
Other domains in certificate