Open
Cached
·
just now
77/100
SECURITY SCORE
Detected Technologies
Certificate Information
Subject
CN=www.semfronteirasenergiasolar.com.br
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
April 11, 2026
Valid Until
July 10, 2026
61 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
9A:15:D4:9E:5B:EF:14:15:7B:B8:E6:3B:C8:46:F1:8A:C2:FC:6E:47:85:58:A7:F3:D8:7A:B5:61:22:A4:6D:53
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
admin.affhan.com
abersoft.id
www.adkdesign.lol
wildeman.aesteon.com
www.alaamashkouk.ru
firebase.alt-project.ru
dev.link.andelenergi.dk
app.anki.edu.vn
www.bisapt.co.za
www.blockzie.info
byyiro.dev
casegprotege.seg.br
www.caseyenglishstory.com
www.despegue.io
brand.digitalbranch.nl
qcm.diploma-sante.fr
dusttodust.io
caderno.eaiamigo.com.br
www.enfahafriyat.com.tr
www.excusas.cl
fgdfelix.autos
www.fgdfelix.autos
www.foprex.com
www.gcapp.cl
gnpsss.in
graphsort.ru
oracle.hacklabs.com.au
www.icecool.kz
iletus.com.tr
www.imcam.com.tr
www.infinut.com
shortcut.infoey.com
invest-aitech.com
myoffice-isayur.ipiring.com
j-bfa.jp
admin.jedybo.com
jetcentrum.com
jjugul.kr
joku.games
klara-scheduling.klara-team5-staging.com
kshitijmohan.com
la-luna.co.il
www.ldvwraps.buzz
www.leal.systems
storybook.letsemjoy.com
limitlabs.llc
presale.lla.ma
www.luffanet.com.tw
admin.maeumjari.com
www.medbook-ph.com
auth.memoriamaster.com
webview-160.metalogos.site
auth.mimetcompanion.com
www.mkwholesalers.co.uk
business-dev.ngdel.com
niblets.io
account-dev.nofilterstream.com
www.odeio.com.br
phr.ostelehealth.vn
panzoa.org
www.pensioenbij-nha-dc.nl
looftrainingen.pensioenstartpunt.nl
www.peterperezjr.com
dev.dynamic.pindaz.com
auth.placacerta.app.br
predictions-podcast.com
pushpendrasaini.com
www.rasmuslian.com
accounts.rcloud.dev
www.re-upholstery.com.au
rentalplicity.com
resource.reoapp.com
coinflow.sandunsiwantha.com
www.semfronteirasenergiasolar.com.br
sierrasoft.com.ar
siprohukum.my.id
www.siwan.me
podcast.sloomcast.com
www.veletsy.smartdream.tech
smartpowerit.no
www.solucaosoft.com.br
rsltrivia.sqwadhq.com
tracker.stoddartlabs.com
tapotap.com
test-agently.terass.dev
www.tgcomp.my.id
auth.themonkmoney.com
thosemetalboys.be
timesheet.website
odn-qa.titans.town
toollife168.com
www.transito-seguro.com
turkiyejava.community
www.twinc3.com
boards.unison.club
www.unknowncode.dev
vipercell.web.id
vistacargo.lat
nlh.whyq.com.au
www.yso.tw
Other domains in certificate