Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=babynatal.mx
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
December 14, 2025
Valid Until
March 14, 2026
61 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
5D:FD:A4:BE:76:F5:3A:27:2C:88:0A:6B:1D:14:93:63:00:C5:20:0B:A7:6D:AA:17:C6:21:7F:CD:F2:77:C9:1D
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
extra.invue-live.com
17thdimension.com
abyto.com
afrolister.com
alexrichter.xyz
wwtube.altalk.com
www.analytica-india.com
www.appscreens.com
athiyarastogi.com
ayurvedahcare.com
babynatal.mx
www.batkat.xyz
beastsbrothers.com
app.betsbooster.com
www.biblioux.cl
www.blissretreat.co.nz
bluecheck.pl
gmyw.bmgomg.com
auth.boty.cc
bread32.com
www.bread32.com
calendarbranch.com
candanaku.com
cassiaksa.com
self.print.cdgn.jp
www.clasicarozas.com
www.2048.co.in
www.codermatestechnologies.com
www.codetta.app
codinggoat.com
www.coloradoadventurecr.com
web-sentiment.consumer-edge.com
convotap.com
android.corntech.com.mx
atodomar.corntech.com.mx
www.cryptomas.cards
csyautopart.com
curiouspack.com
dave-astator.com
deepsixdesign.com
delcer.pe
yrdmgmt-5.dev-ltl-xpo.com
www.dlcode.fr
nelsons.elaachi.com
www.eveenageorge.com
fantasydesigninteriors.com
otp.favarr.com
admin.fecrip.com
www.getreal.ie
portal.getskinhelp.com
glowpanda.life
www.goatfitness.com
clientes.goboxusmx.com
greencomradez.com
hamzamukhtar.com
focus-box.hcbsix.com
heart-age-calculator.com
iisspr.com
ikeatarot.com
fb.itmax.at
mycart.jakob-fuss.com
www.jesusurrutia.com
justapplication.com
learnwithdani.co.uk
anilao.legisled.com
uinterceramic-soporte.lernit.app
www.lsyncsolutions.com
maloriecasimir.net
tip.mcjel.com
www.medcdi.com
www.mikeengforsenate2018.com
www.myeximbusiness.com
nachhilfelutz.de
link-marize.nibo.com.br
stepstone.parkey.io
platinumasiatech.com
firetable.pruoo.com
ve.prymiskyi.com
stg.zappboard.quickcommerce.org
rationalagents.com
www.readm.app
hub.remotesocial.app
order.ringnbring.com
rotaractmuj.in
www.sable.com.mx
admin.seibella.com.br
www.singinglessonsswansea.co.uk
analytics.slices.co
links.spacewalk.no
rufanhalloffame.sqwadhq.com
app.sr-psych.co.za
www.stakeresearch.com
prueba.admin.citas.sugos.com.ve
app.thesnaffleapp.software
bio.theusama.com
tmwgt.com
saetawinifreda.turnosweb.app
repairs.vendiapp.com
www.ykogames.com
www.zorros.football
Other domains in certificate