Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=siat.hippo.com.bo
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
December 03, 2025
Valid Until
March 03, 2026
85 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
9D:78:E0:D1:A1:CC:AE:56:33:F0:D9:C9:41:D8:D1:06:70:44:6C:3C:BA:DD:86:30:6B:44:E1:3D:BA:DE:0F:EA
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
app.climadiario.com
10xth.com
www.180agile.com
madesa.3dcloud.io
share.acecom.vn
adevcms.online
ai-guidance.ca
whatsappbot.alejandrotechnology.com
aurix-auto.com
sentiments.aylbfx.com
ayur-pharma.com
www.blesboksafariske.com
app.botika.io
boundaryhelper.co.uk
butlercues.com
www.carers.uk
auth.cashbacksummit.com
forms.cgfceg.org
www.checkthisout.in
www.hitbytes.co.in
siat.hippo.com.bo
vpo.vpbank.com.vn
www.cribcake.se
datospilipinas.com
ovn.devserver.cc
www.domcousins.co.uk
www.duflu.com
www.dumfriesasc.co.uk
seb15.electrokids.org
www.energieberatung-irschenberg.de
www.fest-i-nibe-val.dk
trainer.fitnesscamp.jp
forinox.pl
www.friendzone.app
admin.greenshield.com.mx
harekrishnaretreat.com
concert-landing-page-v2.harshpatel.info
www.helixpoem.com
holstebloc.dk
howfuckedissfo.com
raya-provider.hub9.io
queue.digitalse.ikea.com
band.infonoid.net
inmobiliariahercop.com
invopay.tech
travelsphere-sdk-sandbox.joinsherpa.io
app.joymo.tv
www.jpdesign.tech
www.kesef.app
backend-expo.le.mu
www.linkg.in
vandemataram-admin.macademy.in
www.macgyvermade.solutions
vertex.makkan.trade
mangarecap.ai
shell2.maxentwickler.site
mayoosh.com
meiameiashow.com.br
shared-expenses.michiochips.com
m.mindfulnessstudio.app
mygroup.io
nitinm.dev
www.nzym.io
training.surf.patrol.co.nz
www.pcminc.co
pizzeriaitalia.cl
www.playlistsync.app
reparatur-schmitt.de
rifasdorian.online
dev2.rnlawgroup.com
forms.rnlawgroup.com
w95.ronne.dev
newwebsite.sakurafresh.com
www.samesquire.com
wfm.sandr.io
pages.scandal-capsuletoy.com
schedule.skeptics.nz
www.skilledmonks.com
xpm-admin-web.smartapis.cyou
macuwin.sqwadhq.com
forumvc.strollhere.com
synafare.com
www.synafare.com
vma-retail.talentlytica.com
old.tbun.dev
smash.techfolk.no
www.testpsicologicos.cl
profile.thedigi.app
theocar.cl
threadfunder.com
www.trafico-agil.com
www.transfair.today
www.upharmony.org
dl.usalo.com.co
f.valc.re
www.vocatech.com.au
webswaysolutions.com
www.wels.app
rpaytest.zighra.com
zpaintig.com
Other domains in certificate