Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=maps.projectmadad.com
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
November 20, 2025
Valid Until
February 18, 2026
89 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
2F:A0:7A:8C:80:70:22:7E:CF:44:6F:AD:FB:9F:E0:D4:B6:8F:79:26:29:2C:3B:E5:C1:97:4E:E6:3A:C1:C9:E9
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
bank.multtipay.com.br
www.8five8tx.com
www.africa-advisors.com
answerforiconpopbrand.africasunrise.com
merchant.agamipay.com
procurement.agcinc.com
admin.almondking.in
agendefacil.app.br
cl.uat.bluspark.io
branden.bonner.bio
www.boxy-svg.com
calendado.ai
calendado.com
webview.carlinehound.com
chanakya.life
www.cleasindo.com
www.concernium.org
www.cudec.com
verwaltung.dein-ruf.de
calllog.deltahr.pl
detecciontemprana.com
stafko-globalsolution.devbeebit.com
chat.deweysworld.app
christina.deximo.com
www.dinvicard.in
dipstik.app
www.dontcamp.com
easy-order.online
admin.emosave.com
factoryquarter.co.uk
homologshop.fastget.com.br
www.fernandoautomoveismg.com.br
floxi.co
gimmegimme.gifts
grandvilla-aston.co.uk
greenthumbspray.com
admin.healthread.com
heritagehumanities.com
ipectapp.com
jagu.at
jonathancaballero.org
dev.website.kalpkari.com
koreacoin.site
kpsgallery.com
www.kubiti.com
karolina.kulas.online
www.lechonerabruni.com
lesfilmsdelabande.com
linkbnc.com
www.lorcana-api.com
app.lyfeplanner.com
www.maxapps.com
medgoat.com
www.medicanalab.com
www.meepood.ee
memr.care
miaservices.xyz
motymate.com
www.my-digital.menu
upgrade-qa.myvaillant.com
www.navigatetrip.com
www.nayalabs.com
www.neudie.com
notifications-sdk.novafutur.com
el.o2o.vn
oficinavirtualomi.com
arnesenbetong.ordreplan.no
www.owncart.shop
particleinfotech.com
partyloottracker.com
powerplustips.nl
www.pramitra.com
maps.projectmadad.com
staging.projectrpr.com
dashboard.pubq.se
login.quattrol365.com
links.qwikquant.com
doubleace.re2fe.com
www.hrms.rean.in
renovaworld.com
rydesafe.net
s2d5.com
samalancorp.com
admin.set.live
setupenv.dev
smarthomeapp.com.br
et.sonyliv.com
spressoinsights.com
portfolio.stackdeveloper.in
team-captain.com
www.theciphertower.com
www.thepapillons.co.uk
app.therentdeck.com
firebase.tsdesign.info
vengawebdesigns.com
vermarsh.com
voicedrycleaner.com
dev.wali.co
tech-reviews.zachnology.com
zivotopis-snadno.cz
Other domains in certificate