Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=sarefibramacquariemexico.inter.mx
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
September 19, 2025
Valid Until
December 18, 2025
37 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
A5:9D:DB:2C:E8:9B:DC:64:0C:06:A4:CC:4D:7B:E9:07:B9:65:04:4E:50:0A:00:11:9F:1D:C0:41:D8:82:D1:EE
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
moddsys.com
www.abhishekdeb.com
aktergrocery.shop
alusia.net
applynow.at
link.aq2expanse.com
arquant.com.ar
www.ascendapp.co.uk
www.badivy.com.au
portal.bedsteservice.dk
www.bhojanapp.in
podev.biz.id
bourboom.nl
bradek.net
www.brandon-marshall.com
dev.came.live
www.cantarranas.es
link.cloudtailor.com
portal.nieuportmews.co.zw
code-now.io
digital.colesctuc.com
contestpearl.com
craft2gether.com
app.czeuspuzzles.com
www.diaryemail.com
elcovia.com
www.erpavenue.com
farm-stand.org
www.farm-stand.org
ars.gakkousya.net
v18.gctc.in
globalconnectuae.com
www.globalconnectuae.com
mindtick.goact.com.au
www.grail-talent.com
www.gyongyiras.hu
x3sportscorp.impactwrap.com
app.infosecassure.com.au
sarefibramacquariemexico.inter.mx
jilnaandmelvin.life
kiruthayafoundation.org
empleosaliat.lapieza.io
www.lowbackpaincommunication.com
ludok.band
mdbasit.me
www.middlemarchtherapy.com
app.mmseas.com
convergence-garonne.montri.fr
itmcontador.mstn.com
mubaraklegal.com
temple.neclabs.com
app.nextpersonal.com.br
nextpersonal.com.br
nilessorensenconsulting.com
albarq.nt-me.link
nutriflow.online
auth.onlineordering.io
opticalbrightener.com
assist.order.place
csd2.order.place
maximsandyou.order.place
phsg3test.order.place
olympus-tst.internal.paperbox.ai
partner.pedivan.co.uk
www.peru247.top
peterjdouglas.com
pianolessonsswindon.com
survey.polytricks.in
v4.current.prizm.site
dash.qmedichealth.com
www.rajdlova.cz
web.readwords.ai
www.restaurant-paros-echt.nl
route-404.be
ryumuraki.com
safsmi.us
www.satyambits.com
gcr.scanscan.com.au
sfezalexandre.com
www.signalflare.app
calendar.skip.work
somosidiotas.com.br
www.sotaplus.net
www.spencehood.com
sprd.ink
www.squali.io
stagecart.me
www.statussaver.app
app.superminascap.com
script-wf.taleez.com
teched.solutions
www.thredzit.com
typefood.jp
docs.usecyan.com
www.vegstreak.co.uk
waflo.space
yamagoya-jp.com
explorer.zksync.io
withdraw.zksync.io
www.zytuny.com
Other domains in certificate