Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=scafe.com.mx
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
December 10, 2025
Valid Until
March 10, 2026
87 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
0D:9C:6C:89:E7:7D:39:9D:2F:D5:DB:DB:C0:EB:63:10:3D:14:C5:B9:EB:7C:05:8E:46:41:EE:BE:5D:64:BA:96
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
www.spatzvomdach.com
app.2qip.com
developertoolbox.aakashpamnani.in
www.absoluteenglishuk.com
www.adc-groupe.com
aigencypro.it
alertashn.com
appliancebestdeal.com
mobile-app.aura-circle.com
land.bankph.site
rtarmenia.bisflow.io
blobfit.app
finance.bloops.com.br
api.brightmile.io
empresas.cafeunido.com
resultado.analiza.com.py
danopia.net
auth.caixabank.datafordeals.com
servicepartners.dlchub.io
www.dodoarchi.com
awe-docs.dogonews.com
dreamtravel-il.com
www.drsarulrhaj.com
europe.earningsahead.com
elitemathstuition.com
www.elrondpunks.com
ennovatix.com
eswaf.com
www.euroshopfitting.com
games.exigohealth.com
jcdecaux.fiksuruoka.fi
www.filleruputah.com
qr.fitkore.com
www.flach.io
fmuirhead.info
admin.fundforward.co
futbolmatch.com
api.goegonetwork.com
auth.goosemap.com
www.hexcursion.com
horneandoydecorando.com
hungergems.id
www.jyhuang.idv.tw
webclient.imarco.nl
www.improntacomunicacion.ar
mhathep.in.th
manutd.indyriot.com
flagga-prod.ingka.com
www.internetcreaindipendenza.com
joebrown.dev
www.kaantaze.com
www.killergf.com
kodapro.dev
elaring.kompetansenorge.no
www.ldhub.org
www.leija.se
lomobox.photography
lrsalign.com
lyricals.store
m--t.wedding
staging.maamen.com
reception-outils-staging.marieblachere.fr
console.medme.life
www.movequest.codes
www.nelsonenzo.com
collegemitra.net.in
nexsales.store
ide.orbit.codes
database.owenschulz.com
pathsmentorship.com
hittingthewall.paulglover.net
savel.premieroficial.fun
www.priemer-znamok.sk
app.prism-reception.jp
www.ramuel.ca
app.recru-app.com
www.reinakanishi.com
manager.roperetail.com
sabariintelligence.com
scafe.com.mx
www.scafe.com.mx
shelf-designer.com
sibertakvim.com
stellab.fr
www.stellab.fr
share.thegana.services
links.thriverewardsnv.com
truepay.app
twilightbeautyspa.in
www.urvashiventures.com
qa.storybook.vezham.com
editor-res.vidma.com
www.vqspraktis.com
www.vtpdev.com
weatherforddds.com
xr.wec360.com
writedown.dev
yinuohuang.com
youmatchwho.com
yourlimitedlife.com
Other domains in certificate