Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=segob.mindfulcare.mx
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
November 30, 2025
Valid Until
February 28, 2026
87 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
AA:29:ED:60:76:5F:BF:F0:2E:AE:F8:4B:42:E8:89:3D:C8:72:10:A4:5A:A2:36:4B:51:49:49:FA:20:46:FD:C7
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
tokyoleon.pedidomovil.es
3adal.com
app.aana.live
watch.aaonxt.com
www.addglamour.ca
e.alenares.academy
di.schema.alumio.com
emily.andmap.co
eva.auxswot.com
ayasca.dev
bantachat.com
cp.boltboxapp.com
redirect.bondio.co
brainko.com
www.butterflies-childminding.co.uk
admin.camerafi.com
cannlytics.com
canweride.com
sushihouse.cartadomicilio.es
www.charlie-richardson.co.uk
link.demo.clevernet.app
clickclosehomes.com
clinicamindara.com
sajon.com.np
admin.alkateknoloji.com.tr
conectaula.com
cyberbodeguita.com
cytotec-en-ecuador.ec
deependsec.com
internal.prep.deliversense.com
devpixelsolutions.com
doculli.com
dramatic.app
www.drystic.com
dyp.uy
app.elysium.tech
www.epicrideweather.com
extractum.tech
flynsync.com
franchisebuilder360.com
geevaai.com
sydney.guesthouse.photography
horizon-alpha.de
hrbocontabilidade.com
xprmobileposappdev.inseat.menu
interviewkit.co
isle.news
joinauditorium.com
live.juradelight.com
www.kargonerde.net
links.klutchcard.com
rooster-sandbox.kognitivinc.com
impersonation.kudo.coach
link.kujakuja.com
staging1566.lavishgreen.com
app.litpic.app
loopm.co
lucygrein.com
lykemynd.com
mascotfreight.com
micahtinife.com
segob.mindfulcare.mx
moduslogic.co.uk
game.kuntoaji.my.id
www.mylastsunday.com
sync.nodocarabanchel.net
notarisppatarifuddin.com
admin.oceans-water.com
sandbox.okolea-international.com
onlymatthew.com
www.onlymatthew.com
www.orangebrix.com
oriya-hrs.com
about.oui.health
pdflow.app
pehechano.com
www.personalinsights.co
play.cafe
app.playbook.vc
ppsgroups.com
admin.qr-serv.fr
quidio.co
reflectinspection.com
www.reforestapp-financiera.com
sakura.cafe
saudeemplanos.com
admin-v3.simpleplatform.com.au
www.southernraisedapparel.com
stefanoocchetti.com
stocksports85.com
sureshkm.com
tamodfin.com
timepassgame.com
trinhhoang.com
vinedev.io
vnext.sh
ia.voot.com
www.woliegtdas.de
woolamaigroup.com
blood-bank.zichron.org
Other domains in certificate