Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=pmapa.cires-ac.mx
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
December 05, 2025
Valid Until
March 05, 2026
88 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
E9:80:32:29:C2:4F:FE:8C:46:5B:93:93:9F:AA:23:F4:DE:02:24:8A:46:49:79:6B:5F:08:B3:83:3A:EF:63:93
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
www.igia.se
300dev.com
multiply.99dojos.com
logic.a4apps.com
test.alaxat.com
fpmovementevents.arketa.co
www.asnfbikeparts.com
data.atil.io
aujude.com.br
axzy.co.uk
www.baraoke.app
www.batuhanhidiroglu.com
photonlens-competition.be-hookd.com
app.beregnungsplanung.de
birdrockgames.com
bub-app.com
wallet.budgific.com
bungalowre.com
presupuestos.bus.so
vendor-app.bvaah.com
campingmontacabana.com
www.canadianhometax.ca
cangrejord.net
capitalgoldfinex.com
host.certifysimple.com
preprod.chaperonsetvous.com
pmapa.cires-ac.mx
www.service-providers.bikers.co.ke
cornerdelilc.com
covidactnow.com
applink-everbowl-orders.crispnow.com
tpa.ctconsultancy.nl
nibako-mng.daihatsu.co.jp
debatt.ai
deedpile.mortgage
digilabs.media
www.divinemarriagecenter.com
beehive.dpduk.dev
url.e04.dev
ganhemais.emccamp.com.br
gestionclientes.fain.es
www.falconexport.com.au
famees.com
fareplay.aero
fixandsend.com
geospencer.dev
www.getmajorna.com
www.gfsectionalbuildings.co.uk
www.gmailmeter.com
goodpointsglobal.com
tickets-demo.goruckit.com
www.hometownhiring.com
wiki.hydra-newmedia.cloud
iamdeepakdpk.com
iconzapp.com
intelly.solutions
itsmeantonio.com
janathperera.com
joshuabasche.com
www.kidshealthportal.com.au
margitberanova.cz
cms.motiv-app.com
mountaineersfvg.it
watch.newsreels.app
www.nftking.jp
auth.notepan.com
www.office-sagawa.com
kanzleiwolter.pacta-cloud.app
ponlaya.com
app.staging.psychofacile.com
www.punkpixel.io
radiokasoot.com
icabs-staging.rentokil-initial.com
rosemaryconover.com
sewelljohnathan.com
www.sfduel-wiki.com
enterprise.dev.sharo.io
shotpe.com
www.singinglessonsportsmouth.com
www.smartfixcare.com
admin.somenu.digital
www.sounddrop.io
stayroi.it
link.stockl.io
sucreebakehouse.com
invitation-service-en.test.tada.dev
cointerm.tanutapi.dev
app.teampurpose.de
tickalist.com
static.traceit.info
www.traveldestinationfinder.com
www.trim.social
tryfootprynt.com
www.untypisch.at
schoonmaak.wassteel.app
www.waytogo.app
my.wcbc.edu
yt5s-fr.com
est.zdserver.com
www.est.zdserver.com
Other domains in certificate