Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=dev-pixadmin.pixpay.app
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
October 28, 2025
Valid Until
January 26, 2026
66 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
DA:93:63:CD:65:98:20:18:3C:2F:CE:58:94:7F:53:3D:CC:90:C4:2D:E4:FA:3E:50:F3:4B:D6:33:20:60:66:B5
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
jacendavis.com
frontgateroomplanner-test.3dcloud.io
www.adina-cooper.com
links.alphacrewstudio.com
amyryan.dev
b2.aporeldele.com
app2lit.com
apperto.com
beatrizbremer.com
link.beenia.com
link.block-chat.com
brandktm.com
hris-fat.byteflaresolutions.com
connect.camilomejia.dev
casim.net
catastrophicpreparedness.org
chintzbaby.co.uk
tax.cornr.me
www.daretobesquare.org
appmetadata.dev-ltl-xpo.com
dnos.in
meet.dpschool.io
app.duportaccountants.co.uk
app.earlygrad.com
signin-dev.easy-expense.com
emreerkol.com
www.esquissebeats.com
app.evidencebasedassociates.com
app.proto-risk.finmio.io
www.fixvac.com
www.energies.fiyom.com
app.getblood.com
dl.getfursure.com
legal.getprizepool.com
pos.goodylabs.com
www.groenli.ch
admin.grupa.io
beta.grupa.io
guitarlessonsswindon.com
hei.st
p905i.ikuzaki.jp
indesigntraining.ie
gh.de-dev.input4you.be
salvatore.ironblaster.net
www.ivansifrim.com
testpartnerbahrain.jeeblynow.com
kaichef.com
kylecoberly.com
lahairoiministries.com
legapaupercanavese.com
www.lipstate.com
www.mylogin.lmserp.com
www.lukascuman.com
m7soft.com
makechat.dev
thoothukkudi.makemytriptaxi.com
www.slp1.template.merdekatech.com
www.mindlabor.dev
www.montserratinus.com
mscf1841.org
msun.dev
play.nakogames.com
navbharat-iti.com
draft.netlaw.com
otodeger.nevikinciel.com
dev.no-card.com
www.openmindapp.org
oh.stag.ourhello.com
www.paleglow.dev
www.paletteparrot.art
www.payrollasyougo.co.uk
service.peak-labo.com
anderson.pesepay.com
www.pianodoremi.com.br
www.pigeda.com
dev-pixadmin.pixpay.app
pocopiatti.com
demo.rathertext.com
re.rayark.com
reactiverobot.com
redebtpartners.com
retailoptimizer.com
chat.rumahweb.com
www.ryanzipprich.com
santaxfn.com
seaquench.in
www.sgaffney.me
www.shippingmarket.mx
studio-dev.sidekickhealth.com
supermercado46.com.br
www.svgpayphone.in
out.swxr.io
template.taxtrove.co.za
sw-pwa-ca.tech-scheduler.com
tendoo.co
familycharter.testta-tools.nl
ref.topwallet.ph
www.uptownmoose.com
www.venleycapital.net
zhangqichuan.com
Other domains in certificate