Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=www.grupomaxtho.com
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
December 19, 2025
Valid Until
March 19, 2026
65 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
F2:B9:2D:23:60:36:30:2C:B9:44:7D:26:D2:ED:D3:2A:B6:7D:F0:50:36:85:75:12:BA:86:2D:C5:DE:A8:BB:92
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
www.jsonverify.com
aeengenharia.com.br
alphapremierleague.com
aritth.com
auditag.cl
support.becloser.pro
www.belatrufa.com.br
www.bhumanch.com
biziloop.app
babycare.bonbongame.com
five.casperpas.vn
admin.hobi.co.in
web.aggregator.pnpl.com.np
daxx-express.com
www.dcts.dev
www.debated.fr
devcoretex.com
www.didseagullquit.com
rewards.digitaldesignsdentallab.com
dowjones-express.com
duofill.com
link.eategy.com
enor.finance
app.conectividad-gestionada.entelocean.io
www.escaneatupiel.es
demo.ceto.eu.com
lab.evystage.dev
fedecollavocalcoach.com
pos.ficalapps.com
www.gataly.com
goldspiresolutions.com
app.grasspro.app
master.gro.care
www.grupomaxtho.com
pemkekula.hyperglade.com
letrongnghia110206.id.vn
ywc17.ywc.in.th
console.intelliflowio.com
itsrudecat.com
link-wan-tsui.jec-digital.com
jriegler.com
justbudget.app
karnabyone.com
krishnakripadental.com
latiendathriftway.com
q-sinc.lfv.jp
pay.linkify.cl
links.staging.live.market
lumi-k.com
mdwojacka.com
dev.melihkuru.dev
www.mondadoriloano.it
msgflow.ai
preview.song.io.nandenjin.com
navarim.sk
test.sentinel.newmont.com
www.nights.im
nikkei-express.com
ohodnot.top
oligomaster.com
www.omegabroker.me
onyourway.app
www.opulentrealestate.net
paniati.com
preview.ui.penumbra.zone
admin.pixley.app
app.dev.poskee.com
www.projectsbyalex.com
pushcut.io
radio-paper.com
app.railtasker.com
ranjitsreenivas.com
share.reapapp.io
compassionateinquiry.revillager.com
www.robertandallison.in
rolandniokhor.com
www.sapo.university
saraarta.com
dev-b.scouthub.app
cadenas.sembrandoalianzas.org
shahprasham.com
www.shitinabox.fun
pink.preview.shortwave-staging.com
www.smallstartups.dev
portail.solutiontokam.ca
www.soundcommerce.io
spprd.com
referralcode.starlee.in
steadymon.app
www.threadok.com
www.toetan.com
auth.ttchof.de
auggc.unichats.ai
vippro.day
wavesoftravelling.com
worldclassgamer.com
accounts.sandbox-subscription.ximera.com
www.zaa.sa
zepix.app
subtranslate.zsoft.asia
Other domains in certificate