Open
Cached
·
just now
77/100
SECURITY SCORE
Detected Technologies
Certificate Information
Subject
CN=bsidescdmx.org
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
March 28, 2026
Valid Until
June 26, 2026
54 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
0D:CB:8B:99:23:03:99:1B:29:8B:28:3F:F3:DA:6D:1A:4A:C8:73:06:62:6F:DD:F8:80:4F:CB:A5:B5:3B:AB:9A
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
impulza.com.ar
www.alejoavila.com
perambalur.anbudroptaxi.com
www.tst.timesheet.arcuilo.com
astaria.io
corporate.staging.azoom.jp
beyond-agentur.com
brightmindaid.site
bsidescdmx.org
register.callitout.com.au
carelinelive.app
www.charles-avocats.fr
app.chessenigma.com
chipotlemexicansteak.dk
chrisplitz.com
chromium.org
clevercorners.com
admin.karshak.cloudbade.com
constructorabrac.cl
cowinslotfinder.org
stuff.cube.dj
bma.deskbooking.app
www.djms.app
app.donwong.ca
dreamfrontier.com
crfbuilder.ephealth.com.br
www.epic.llc
www.fliperature.co.nz
giuseppedejanlucido.it
dashboard.gust.io
www.haengineeringpk.com
historyofglasnevin.com
www.hourz.app
webcomponents.iatros.app
order.ibo.app
ideolog-compass.com
inspectionreportpro.com
intellikode.com
jamindar.live
www.jamindar.live
scout-staging.karla.ai
www.kasiastaszewska.pl
ksh-probau-gmbh.de
mindfulnessbell.langhoangal.dev
www.lightsource.shop
www.maharshidiabetesfoot.com
www.mamooscreamery.com
www.many21ai.com
www.mayoosh.blue
metercheck.co.za
michaelpapes.com
shortslimiter.mimxr.com
www.mireiaproject.com
auth.tim-financas.mlearn.mobi
mycirrus.app
neooffice.ro
newbarber.es
www.nicecoldbeer.com
www.nikazhvu.in
blog.onlinetestyap.com
orkesta.com.mx
packersne.ws
intern.partiful.app
patativacomunicacao.com.br
www.pensioenbijpno-a.nl
predictapps.com
primarypen.co.uk
qweekpay.africa
dms.radek.website
salamgold.id
santalist.app
staging.savedby.io
www.sciencecolors.com
link.shared.media
shivampandey.info
uploads.spotpix.me
drexelphotoscramble.sqwadhq.com
ohiofootballtriviaadmin.sqwadhq.com
team.starcode.de
stonebisondev.com
syswave.ai
www.theendoftheweak.com
app.tododoc.com
tolgahankarabudak.dev
trackflow.ca
travelli.nz
tugo.app
trusted.poc.unsproject.com
coworking.ups.edu.ec
vedantapunjab.org
veil.app
visittrek.com
www.visittrek.com
panel.we-jump.nl
psc-ebrochure.whizzstar.com
www.wildwestex.com
winstreetllc.com
wub-quiz.de
yu-can.org
zsottu.hu
Other domains in certificate