Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=estudio-laboral.com.ar
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
December 07, 2025
Valid Until
March 07, 2026
53 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
BA:ED:3F:AB:5B:BE:75:48:A6:9C:98:CC:52:58:FD:98:E2:82:2F:02:C8:F4:82:30:00:32:2E:6A:37:6A:8D:F0
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
adsnaps.app
439stocker.com
agsat.app
alistairchitambo.dev
antrava.com
www.armillary.co.uk
www.artifactofcommand.com
artistaiden.com
www.ash-database.com
auth.autokit.ai
www.bazaar-egy.com
betakingstudios.com
www.bettermun.com
pre.bimmeet.app
bluestinger.org
buurtschapvossingers.be
www.byb.com.ar
canadiancountycasa.org
meu.test.carrinho.digital
www.choiceofledlighting.co.uk
go.ciandx.com
ni.clian.net
admin.deliquick.co.kr
codypeters.dev
ellinwoodleader.column.us
consus-mtech-app.de
servicosweb.dailysubsecao.com.br
danjenmaster.com
www.derdiedas.click
discovereel.com
donkey.fans
admin.navigos.eisqr.com
energyhealingjewellery.com
estudio-laboral.com.ar
freecellsolitaire-online.com
painel.fretemais.com
app.unilead.mohe.gov.my
gratavid.me
hidrogt.com
hseindia.in
api.imnty.io
payment.inter.mx
isthatok.net
www.juanjodev.com
www.karst.dev
stage.zena.guest.lasoxp.com
dev.checkin.leaderland.academy
register.learndot.online
lifetechapps.info
reg.lotoclub.io
app.luitfanclub.com
portal-staging.medcury.health
minimumviablepython.com
juice-me-up.mixly.be
supplies.monet.world
mtrackerpro.com
auth.mwakili.com
nashvillesites.com
netgrids.com
startcup.newonce.net
olavsverden.no
stage.onmyown.eu
landing.ostrichoo.nl
pabloanaya.com
leadshift-dev.parklab.app
paulhighum.com
www.pedromichel.com
www.piatto.com.au
www.pioneerpropertymanagement.ca
parallax.pirochta.com
sso.platoon.fm
www.polarizadosnanotech.mx
pondslakesandaquascapes.co.uk
pubstats.dev
www.pullingteethpodcast.com
raashishah.com
raynorreunion.com
p7s1-staging.recruiting-solutions.org
demos-clientes.redlineuw.com
gs.remedo.io
pos.restoplus.com
rikupunkka-cv.com
runejs.net
sewakunj.com
www.shariqahmed.dev
sherwino.co
seller.shopiebazar.com
skir.ca
auth.spory.co.jp
taitarestaurante.es
my.tcargo.vn
www.theintellects.co.uk
wordpress.tombolajaib.com
www.trackit.ai
eunicesolucoes.minhacentral.trausedu.com.br
www.travelmonster.app
path.tundrainsights.com
ubives.com
app.we.shop
dev.wormaldsecurity.cl
Other domains in certificate