Open
Cached
·
just now
78/100
SECURITY SCORE
Certificate Information
Subject
CN=ispmap.mcsnet.ca
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
October 10, 2025
Valid Until
January 09, 2026
54 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
7A:6D:A8:7F:02:9E:46:92:B8:00:7B:41:9A:6B:0C:49:AC:D4:54:5C:86:8B:24:08:67:25:D7:6C:DA:06:3D:9B
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Missing
Not configured
Content-Security-Policy
Weak
require-trusted-types-for; report-uri; object-src; +3 more
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Present
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
Recommendations
- • Add Strict-Transport-Security header with max-age of at least 1 year
- • Significantly strengthen CSP directives
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
firebase-c2.cdreader.com
www.100pfws.com
www.1gallery.app
www.406innovativesolutions.com
5starcarpentry.com
www.accentrenovationshsv.com
agilematrix.net
alassv.org
devtest.aniline.io
arthursiebert.com
www.arturpfeifer.com
www.betterbrotherbakery.com
ops.bitwave.io
brewedonwheels.com
www.capplica.com
www.cawineclassactionsettlement.com
admin.cbsto.com
face2face.comline.gmbh
coordinator.constructionawards.ie
www.github-tracker.creativemaybeno.dev
customqrs.com
department.se
mealplanner.dforder.com
enterprise.djobnet.com
www.dsstars.com
demo.dtcco.io
www.edgebet.net
elreydelagillette.com
www.erpcoachnishant.com
notes.fieldmargin.com
www.firefixoffers.com
www.admin.fotografijesaraftinga.com
evse-indiauk.framez.sg
samator.gajiku.app
www.gallimo.com
admin.gastronaut.ai
gesticleanup.io
getevive.app
admin.gpsafaris.com
arexgestor.grupoaristas.com
gudhaldesignstudio.com
app.gymcommander.com
ot-dev.gysite.in
helinokcu.com
console.hgraph.io
hidralisooficial.co
www.hmcpacificnorthwest.com
admin.itos.se
kharagedition.com
go.kickbackservices.com
kinenbi.app
kymerian.com
cigtracker.lechatstraat.com
www.m2it.se
manbitesdog.pl
onboarding.marivipiano.com
admin.link.marlim.co
ispmap.mcsnet.ca
myconsult.demo.medeintegra.app
auth.metalimits.com
nevermealwayswe.com
nextops.com.au
novabreezeairconditioning.com
app.nteract.de
stage.access.optculture.com
srtp.texbit.otobit.com
paarshtouch.com
www.parlaynation.com
www.pathtechinc.com
pebbleapp.pro
firebase-functions-sandbox.pinchos.se
prajwalteams.com
app.predimania.com
ked-dev.publicissapient.fr
inventory-backoffice.qeerio.com
qpixel.me
app.realexpert.ch
referenciasbibliograficas.com.br
app.rethinkreading.org
test2.rwcs.in
robotics.seedtechnologiesllc.com
www.servetick.com
www.skilldetektor.de
spincycleatx.com
sponty.app
www.sponty.app
starlinksavedmylife.com
cdn.stdwatch.com
www.hello.swajan.io
www.teamcenter.app
sweeper.games.tetherstudios.com
fidelidade.thecrushdonuts.com.br
deaura.thediners.in
as-entrena-salut.timp.io
fusion-cuerpo-mente.timp.io
app.tobilou.com
trackity.info
truetoform.online
www.workaxis.in
workhunger.app
Other domains in certificate