Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=ios.picmonic.com
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
January 07, 2026
Valid Until
April 07, 2026
89 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
5F:F8:37:9C:E4:91:24:50:93:E1:EB:06:FA:D6:61:A8:E0:26:D2:EC:D6:4C:93:CC:DA:B8:77:95:DA:66:75:7A
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
findmygf.net
7twenty4services.com
video-test.ahum.se
ajinnovation.org
demo.alpwcm.com
www.anifestmalaysia.asia
abbac.artstech.com.br
www.atlasdigitalsoft.com
www.bartzatelier.com
auth.brandmark.io
astronize-doc.brandnista.com
www.buk.pt
calicantocorralon.com.ar
www.chappipay.com
www.clinicaaguiars.com
www.jaisakthi.com.sg
auvi.aebc.com.vn
opal.conello.team
ocio-global-staging.contentcard.com
deepdalearcade.com
djamga.com
dmtproteuscapital.org
www.dottorcugini-otorino.it
www.dougschumacher.com
pudukkottai.dropmeoneway.com
global-simulator-dev.electriphi.dev
vns-charter.ensnguyen.com
produkte.factiondesk.com
clima-progressus.farmacare.dev
www.frankallanharrison.com
gathyr.net
gotareferral.com
www.gpmatrix.co.nz
pay.setplex.gr4vy.app
documentations.guivus.com
www.healthyfi.com
www.hieroglyphcode.ch
anpv2417226.id.vn
www.intectum.io
centerfest.inventif.dev
isiton.com
www.jackstavrakas.com
jaiin.dev
joinkelsey.com
josecapera.com
www.josecapera.com
kanishinfotech.in
laconic.kr
www.laughtersaver.com
dynamic-link.lean-body.jp
les-meilleurs-pronos.com
luedkearquitetura.com
turmas.maapp.com.br
www.mdmatkaprofessional.com
test-app.mdstmarket.com
www.medkitdoc.de
www.mi3yar.com
boardguage.mimxr.com
moubon.ca
www.mshguru.com
auth.nattal.com.br
agendar.nbbarber.com.br
notquiteamonad.com
www.nutrizionistairenesandri.it
oceni-nepremicnino.si
one-cliq.nl
oneapp.pe
oneletter.xyz
ourhumanworld.org
order.sandoz-qua.paymytable.com
go.perkypot.com
www.phong.dev
ios.picmonic.com
polarizadosnanotech.mx
www.ppsr-search.com
predictiv.co.za
app.prexa.co
app.printyum.com
py3.me
ramtin.dev
www.refamp.ne
admin.store.reite.cl
richardandjannine.com
rosatocorp.com
ruhland-kallenborn.com
www.sanskardhanigarba.in
satyayogacommunity.com
solarontech.com.br
2day.sterrn.com
stevendelitta.com
links.studyiq.com
t8asolutions.com
tareamate.com
tawbahshop.com
teresacoronado.com
ticketingnation.com
developer.vecros.com
moon.vkl.vn
www.vorsora.com
xpresslaundryhannibal.com
Other domains in certificate