Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=safetyleadership.com.mx
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
September 24, 2025
Valid Until
December 23, 2025
40 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
61:E0:92:05:DA:CB:37:05:4C:BC:3C:BE:44:3C:05:2E:6B:49:82:6D:33:59:AE:11:1C:08:9A:8E:D3:99:02:6C
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
spicexchangeindia.com
alkansadigital.com
alpharesearchsurvey.in
anuonewaydroptaxi.com
play.apollojosh.com
www.apptransportador.com
clientes.baleartac.com
bannerbake.com
www.benkalman.com
bestchoicetravelconsult.com
www.bharatconf.com
promo.bikeitau.com.br
buy-your-side.immo
dashboard.caresend.com
cooperative-dev.grobox.co.ke
www.codeschool.london
ccbcms.southpaw.com.my
policy.aircondspecialist.com.my
bestellen.deniz-grill-duisburg.de
app.digitaldistrict.ph
shinato.for.dinii.jp
easirentpropertyventures.com
portal.friday.fastek.ph
team.fastor.ai
wstaging.flux.chat
provini.genvision.it
georgtriffthenrike.in
gielczowski.com
www.glamily.me
order.halaeats.com
icdeinmobiliaria.com
idea-cli.io
www.inoapp.com
itanbir.com
memegenerator.j7126.dev
app.jippo.com
kleung.page
labrat.games
livewebsolutions.in
www.locate-friends-and-family.com
lumomom.com
www.lykemynds.com
www.m81.io
macnevin.com.au
lanes.mags.gg
mercaba.cl
data.mesbro.in
www.mipathway.org
mountkenyabikers.club
myheq.io
namehacker.net
natalieromano.ca
oct-sa.com
onco-minds.com
p7builders.com
beta.patrontekpatti.com
paydhlaviation.com
pee.email
admin.personate.ai
phcoolingsystems.com
udemy.planck.biz
prospat.net
app.ps-staging.prospectstream.dev
visualiser.radiokasoot.com
quant.raylai.co
rayr.jp
www.redmanedigital.com
renataborreguin.com
rhmixcontabil.com.br
safetyleadership.com.mx
servicelinq.org
sidrhoneyhives.com
spaziouva.it
spilakassahusid.is
strange.garden
www.supportbiznow.com
sutsaitung.com
app.tactuus.com
adas-shop.tech-scheduler.com
www.thecow42.com
sandbox.thndr.games
tomhermann.org
trackl.it
ultron.studio
hadassahpa.um-manu.com
www.universal-tech.com
www.uscrowdmanagement.com
rg.vaihde.io
tap.staging.vendpark.io
dashboard.vesselmapr.com
qr.vetoquinol.pet
viabilizei.com.br
rossmax.viwaveulife.com
vvvebsite.com
dashboard.wecashup.com
learn.wethink.info
wirke.se
www.wolfpackrtc.com
www.wostle.studio
admin.youthstoday.com
Other domains in certificate