Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=manossolidariasxmx.org
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
January 07, 2026
Valid Until
April 07, 2026
84 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
33:40:D7:B3:90:6B:3A:41:D8:36:6A:07:08:31:56:98:3D:07:D8:F9:ED:5A:87:ED:16:60:14:50:1E:C4:30:4B
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
reyescreations.com
akinevo.com
alexandro.tech
admin.analyticindex.com
submissions.asbt.com.au
asiankitchenfood.com
avol.me
azwiey.co.za
www.backstaige.com
cfa.beaconstac.com
beckysbowwowhouse.com
beec.in
www.bernardobernal.com
blacbox.tech
byte-craft.llc
captainsclash.com
chessmoves.app
www.christofbaer.com
www.claudeit.app
pixelance.collart.app
rp.crebiq.com
czztec.com.br
dar-os.com
dev.dradenisevasconcelos.com.br
sabethaherald.enotice.io
survey.eraser.moe
www.formulae.org
fragoas.com.br
www.geomee.com
ai.getskinbeauty.com
www.gotakenote.com
www.heartinhills.com
helagpt.com
ttf.hemisphere.digital
icaresportsuae.com
linhnthust.id.vn
mluuxuantuan.id.vn
ndkhoa2416248.id.vn
l.inkblottherapy.com
qualification-de-aglife.input4you.be
uiic-natcat.inrisk.insure
jamesfergusonrigging.co.uk
blog.jeshurun.ca
jethiyahi.com
knowlegdeinfinity.org
kylebergman.com
tv.linkbong99.me
lykiq.com
www.lyna.io
www.magcinc.org
magenta.market
product.maksellent.com
manossolidariasxmx.org
email-handler.masonnet.org
mail.masonnet.org
mathew-mullen.com
staging-v1.mjpharma.net
mouquta.com
login.mrkdwn.page
mysrd.co.za
link-contcc.nibo.com.br
odhavramsurgicalhospital.in
arco.org.br
pedidosmym.com.ar
pelicanhrm.com
pencilitout.cc
penn-central.com
percentyourinterest.com
pet.rocks
thaelay.piticommerce.com
www.polydimensionals.com
projectparaball.com
auth.qualisync.com
build.quietcoolsystems.com
api.rumahamal.org
sac-inc.com
thoughtscape.samay15jan.xyz
www.scientistsout.it
admin.seedtrace.org
beta.sherlome.com
auth.smartapartments.ro
www.smithtech.dev
someonesaidapp.com
vvgp-esms.sonice-aioe.com
www.syncomuae.com
app.thegogame.com
tinsel.thekissanes.net
thelazyhiker.com
admin-dev.tooddoc.com
app-qa.travasecurity.com
trytasto.com
www.ultimatebeta.app
auth.usementry.com
www.usotg.com
voidsleepers.com
fakhrianaziz.web.id
worlddevelopmentfoundation.org
www.wwtb4m.xyz
xician.com
yanastudy.com
Other domains in certificate