Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=www.mapp.la
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
October 23, 2025
Valid Until
January 21, 2026
66 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
15:1D:7F:45:F9:85:85:A0:B0:E1:83:9C:45:E8:CB:5D:CA:11:FC:44:7A:15:00:FD:76:BC:95:77:42:B5:72:5B
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
mypantry-ai.com
jer-sectional-test.3dcloud.io
super.ai.in
ameensayegh.com
appstation.in
www.autowasi.com
hotlinks.auxetic.co
admin-auth.aviewint.com
www.baganpay.com
www.bcfmc.org
rec-cda-admin.bens-groupe.com
berlinflatfinder.de
www.biolacamps.com
www.briansweeney.dev
byca.vn
pos-dubai.captainfresh.com
www.christianfillies.com
www.citex.tech
construvic.com.br
www.copycattr.com
www.covida.ch
dl.crictracker.com
www.dataactivators.com
triplewhale.doelashes.com
drroyshomoeopathy.com
dupi.hu
www.e-incube.ca
ebazaar-afg.com
www.efisys.net
myworkday.esmalglass-itaca.com
www.ewmc.party
jdee-remit.flexm.com
cmb.fndrsng.com
www.gerjob.com
www.gparquitectos.mx
hrenterprisess.com
impactdriven.dev
newdev-foodcourt.isthara.com
jacobgasser.com
jsconseil.sn
www.kacy.dev
kapvoom.com
www.kerrywillyoumarry.me
www.kesselrun.xyz
share.kgu-syllabus.com
linkriotkj.kisline.com
preprod-ad-userwebapp.knolskape.com
ksachain.info
firebase-tutor-staging.kunduzapp.com
payments.kutamma.com
m-a-group.ae
www.mapp.la
mnafis.com
www.mobitier.com
shutdown.modelcreate.com
mouserstudios.com
www.mugibaku.com
gardner.mycloudvip.com
naipai.es
nefacabs.com
novasoftgroup.com
www.ombrelleria.com
onclav.com
www.originofcircles.com
ozkaralvarez.com
parketoggolf.is
pattalcott.com
itbaby.piticommerce.com
www.pluot.tv
praveenchukkapalli.com
cuddalore.rainbowsdroptaxi.com
record-rush.com
www.rootiov.io
ryanlecours.com
safepointpro.com
beta.hideo.sasaki.com
www.scholarjet.com
www.shannonearlpereira.com
simonix.nl
sinuheguerra.com
my-home-dev.sophos.com
specialforceasia.com
www.stagesacademy.co.uk
swflpiano.com
taxigy.com
techflowstudio.com
www.teoanastasiadis.com
termefacile.com
app.predictable.therapy-box.co.uk
www.timetoeat.app
traditionequipment.com
treevox.com
tryrebellion.com
visitbiella.com
weagileyou.com
admin-dev.workshop-live.com
v2.yosemal.com
zaitark.com
zea.me
staging.portal.zoom-networks.com
Other domains in certificate