Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=www.secumsa.com.mx
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
September 16, 2025
Valid Until
December 15, 2025
36 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
87:4E:B1:43:B8:25:8E:E1:D0:A4:0B:65:87:86:A9:F3:55:38:D4:A5:F6:08:95:53:18:AE:DB:D6:27:4C:3D:DD
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
pulsepuppies.io
www.5startrivia.com
www.aalarifi.com
admesh.cloud
www.agm-vote.com
www.ajaymalekar.com
www.algoninjas.com
www.almafintech.com
autoexpertindiacompany.com
backwood.design
chart.bluewhale.kr
scheduler.boxknight.com
worldclockcovert.buggasoftware.com
www.candourconcepts.com
links.listopad.cheesybeard.com
panel.click2call.cl
loja.zambezi.co.mz
caculator.trustagent.com.vn
test.dentalapplab.com
dop-deckbuilder.detoxgames.hu
www.diananossa.com
sandbox.cloud.dicomlab.com
app.dielink.ca
dinner-club.org
directedworks.com
www.dopplerbit.com
auth.downtowncupey.com
web-dev.doyumeibo.jp
media.dqtact.net
study.dudaji.com
www.e-gathitulegal.com
eagbcorp.com
earphysics.com
edensblessing.com
servicio.restaurantes.eficiente.co
feedback.elhadigital.com
app.enroutesystems.com
erlenepsyd.com
eumaker.dev
eumentis.com
auth.funderpro.com
fylotek.com
confirm.gettabzdev.com
gogia.co
guitarpilgrim.com
patient.hcc.links.healo.app
daniel.hodvogner.hu
hsaggroup.com
jeff.hstc.com.br
idososimedai.com
ikazecottages.com
www.imelvilentcia.com
bnb.inmobileservices.com
dashboard.innohlth.com
www.irrigs.com
jordieknowles.com
www.joshroseboom.com
k-int.ch
k-studio-tokyo.com
kamek.ch
sdc-invitation.kerzz.com
kgnrice.com
kooply.builders
www.kopsia.com.br
lavipix.com
leadsis.com.br
www.lungelihle.co.za
tnc.max-index.com
testing.muchet.com
nkhwazispark.com
oscarviquez.com
invites.development.payd.com
docs.paynco.com
philodive.com
pikitod.com
pinkscleaningteam.com
www.plopgrizzly.com
portugalcarassauga.ca
virtualbid-admin.pujasweb.co
demo-ui.rrs4life.com
microapps.sautostech.com
kunsttherapie.schieche.at
schmittstudios.co
www.secumsa.com.mx
sales-qa.setkeeper.com
seuzovo.com
admin.shiur.cloud
www.simpliord.se
smarthealthsave.com
www.spicesolutionsgd.com
fiuphotoscramble.sqwadhq.com
app.srivalli.co
swga.golf
www.tech-college.jp
hospitalmoments.tlcforkids.org.au
www.vivianfernandes.tech
webtabel.ru
xaynhathuanphat.com
nfc.yummy-app.nl
zlotetarasy.app
Other domains in certificate