Open
Cached
·
just now
89/100
SECURITY SCORE
Certificate Information
Subject
CN=segob.mindfulcare.mx
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
November 30, 2025
Valid Until
February 28, 2026
88 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
AA:29:ED:60:76:5F:BF:F0:2E:AE:F8:4B:42:E8:89:3D:C8:72:10:A4:5A:A2:36:4B:51:49:49:FA:20:46:FD:C7
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31536000; includeSubdomains; preload
Content-Security-Policy
Basic
base-uri; object-src; script-src; +7 more
base-uri 'self'; object-src 'none'; script-src 'self' 'unsafe-eval' resource://devtools https://api.emailjs.com https://www.gstatic.com https://www.google.com https://apis.google.com *.googleapis.com https://storage.cloud.google.com https://www.google-analytics.com https://sentry.io *.lr-ingest.io *.logrocket.com *.lr-in.com *.lrkt-in.com data: blob: https://j.6sc.co; style-src 'self' *.googleapis.com https://cdnjs.cloudflare.com 'unsafe-inline';default-src 'self'; font-src 'self' data: https://fonts.gstatic.com https://cdnjs.cloudflare.com; connect-src 'self' *.doubleclick.net https://roosterconnect.roosterinc.com http://localhost:* *.roosterinc.com https://api-sandbox.roosterinc.com https://rooster-api-sandbox.kognitivinc.com undefined https://api.emailjs.com https://cdn.simplelocalize.io https://www.gstatic.com https://www.google.com *.googleapis.com https://www.google-analytics.com *.cloudfunctions.net https://sentry.io *.lr-ingest.io *.logrocket.com *.lr-in.com *.lrkt-in.com https://api.imgur.com data;img-src https: data:; frame-src 'self' https://www.gstatic.com https://www.google.com https://docs.google.com https://www.youtube.com https://player.vimeo.com https://rooster-sandbox.firebaseapp.com https://sandbox.roosterinc.com; frame-ancestors 'self' *.myworkday.com *.myworkday.net *.workday.com *.workday.net
X-Frame-Options
Excellent
deny
X-Content-Type-Options
Good
nosniff
Referrer-Policy
Good
no-referrer
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Improve CSP by adding more specific directives and removing 'unsafe-inline'
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
rooster-sandbox.kognitivinc.com
3adal.com
app.aana.live
watch.aaonxt.com
www.addglamour.ca
e.alenares.academy
di.schema.alumio.com
emily.andmap.co
eva.auxswot.com
ayasca.dev
bantachat.com
cp.boltboxapp.com
redirect.bondio.co
brainko.com
www.butterflies-childminding.co.uk
admin.camerafi.com
cannlytics.com
canweride.com
sushihouse.cartadomicilio.es
www.charlie-richardson.co.uk
link.demo.clevernet.app
clickclosehomes.com
clinicamindara.com
sajon.com.np
admin.alkateknoloji.com.tr
conectaula.com
cyberbodeguita.com
cytotec-en-ecuador.ec
deependsec.com
internal.prep.deliversense.com
devpixelsolutions.com
doculli.com
dramatic.app
www.drystic.com
dyp.uy
app.elysium.tech
www.epicrideweather.com
extractum.tech
flynsync.com
franchisebuilder360.com
geevaai.com
sydney.guesthouse.photography
horizon-alpha.de
hrbocontabilidade.com
xprmobileposappdev.inseat.menu
interviewkit.co
isle.news
joinauditorium.com
live.juradelight.com
www.kargonerde.net
links.klutchcard.com
impersonation.kudo.coach
link.kujakuja.com
staging1566.lavishgreen.com
app.litpic.app
loopm.co
lucygrein.com
lykemynd.com
mascotfreight.com
micahtinife.com
segob.mindfulcare.mx
moduslogic.co.uk
game.kuntoaji.my.id
www.mylastsunday.com
sync.nodocarabanchel.net
notarisppatarifuddin.com
admin.oceans-water.com
sandbox.okolea-international.com
onlymatthew.com
www.onlymatthew.com
www.orangebrix.com
oriya-hrs.com
about.oui.health
pdflow.app
tokyoleon.pedidomovil.es
pehechano.com
www.personalinsights.co
play.cafe
app.playbook.vc
ppsgroups.com
admin.qr-serv.fr
quidio.co
reflectinspection.com
www.reforestapp-financiera.com
sakura.cafe
saudeemplanos.com
admin-v3.simpleplatform.com.au
www.southernraisedapparel.com
stefanoocchetti.com
stocksports85.com
sureshkm.com
tamodfin.com
timepassgame.com
trinhhoang.com
vinedev.io
vnext.sh
ia.voot.com
www.woliegtdas.de
woolamaigroup.com
blood-bank.zichron.org
Other domains in certificate