Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=citgo.popshap.net
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
October 07, 2025
Valid Until
January 05, 2026
43 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
72:1A:95:D3:41:AF:F4:4A:42:E8:41:3A:52:95:20:54:6D:ED:6F:D5:D7:3A:7B:D6:61:FA:AC:DF:14:21:41:7A
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
naturally-salt-poolaccess.de
www.abtsolar.com.br
aeroapps.xyz
aiengineerings.com
ainteliza.com
aliasboardgame.com
anubandh.in
www.awesomebaduk.com
azizkale.com
b4g.tv
bestellwesen.bbcag.ch
oyonnaxrugby.deeplinks.bfansports.com
exemplo.bmenu.com.br
bmlexch.com
dashboard.botmind.io
app.brainevolved.com
shoppers.apps.canadiancores.com
carbografedison.com
www.modafinil.co.il
collegeclub.io
pngl.com.pg
comndrive.com
cooldipo.com
www.corbacho.com.br
credimedico.com
daisy-the-dog.com
www.datejacob.com
djangobuilder.io
docteur-aurelie-delos.fr
toothtrack.dsbalderrama.top
www.dustinzeigler.com
cdn.engym.com
fawzcares.com
fermesaintnicolas.be
foresturl.com
metaverse.forgottenchain.com
app.forwen.com
galeriaecho.online
www.gismatrix.eu
godlifeencounterchurch.org
gtaxi.com.co
www.hamiltonvsschumacher.com
www.hamzaawad.com
healthwayz.net
iamthatsoftwareguy.com
www.immediate.cz
intechbit.com
auth.ishandeveloper.com
app.itopia.com
link.iynk.com
jaylimovegas.com
events.kxp.consulting
auth.lacoope.net
www.lavidadenosotros.com
harmonie-care.test.lisalt.dev
track.litta.co
firebase-c1.manobook.net
meetchavan.in
www.meiameiashow.com.br
dashboard.menuti.com.br
www.mftembra.com.br
mikesverse.com
nr12-hom.mkdata.com.br
lab.modcreteblox.com
ln.monday.com
mondexcard.com
link-qa.olioex.com
citgo.popshap.net
app.pulse.cash
rateit.sk
research.group
ric-building-abbreviation.apps.richku.com
l.roado.tech
www.rubk.app
sablecrm.io
www.samuelsmock.com
seryo.mx
shoutout-demo.set.live
sirfogg.com
socializepro.co
speech.ooo
www.sportmngr.com
link3.sucodev.net
swahilihub.cloud
www.tenkafuma.com
thoughtignition.com
tideinitiative.org
www.todzee.com
toscananoleggio.com
ttm-mep-cloud-qa.firebase.trimblemobile.com
tubiz.co
vicit.com.au
www.vilnius.top
vincenzocalabro.it
admin2.vsight.io
www.wasap360.com
web-tool-pack.com
weblaunch.in
evdev.wonder-sys.com
tasks.yuvachang.com
Other domains in certificate