Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=thomazini.hrtech.com.br
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
November 02, 2025
Valid Until
January 31, 2026
76 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
0E:D2:60:5C:38:96:75:82:70:0C:7C:91:0D:B6:19:6B:CA:9B:6F:4D:1B:96:0D:ED:BE:D1:4A:F1:66:6D:4A:4D
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
aiduplay.com
2048.omarhurani.me
app.2aw.io
bakerstreet.demo.ordering.3bapps.com
www.4pics1word.app
admin.activealamance.com
api.staging.anikki.in
anthonyzhang.info
applicationfiction.com
arobanquetes.com
www.ashishbhavsar.com
admin-dev.athomearticulation.com
www.avanzaia.com.mx
backinactionmembers.com
links.barbaova.com
bnginternational.in
cameyesecuritysolutions.in
facturare.centrulminerva.ro
www.certivox.com
ashagaire.com.np
www.uicco1.com.tw
cyberjournal.app
damiendavisneff.com
dart-board.io
www.depilacjalaser.eu
www.duckywakes.com
dustmodebros.me
eexchange.in
www.elnutrion.com
www.eventwood.no
www.familiphonecell.com
faseiinightclub.farrasnorte.com
federicofumo.com
www.fitlefit.com
kushagra.fodaffy.com
hamsalekha.com
harjotsinghpanesar.com
heissliimundglitzer.ch
hewandfrost.in
thomazini.hrtech.com.br
idroptaxis.in
imagine-it.com
bi.staffrh.inf.br
india.iolite.software
jonathan.ixcayau.com
jennajn.ca
thomalex-sdk-sandbox.joinsherpa.io
www.joppehoekstra.nl
joshgearhart.com
biquet.kards.fr
leagueofquiz.com
www.lobesoft.com
mariusbaer.de
todoapp.masadi.fr
www.mathvlearning.com
metrorganico.com
metuvestuves.lt
mimercanciasegura.com
daisy-dev.mokkon.com
myjourney365.com
myswaps.de
www.myvoice.re
uailugar.nata.dev
pic-lslux.mentor-stage.neccton.com
nikolausbrissa.com
me.nowyu.com
ohmynova.fr
current.ontariogarlicweek.ca
dev.battle.othellonia.com
pengelegen.no
admin.playexplora.com
portalgroove.com
www.powerliftcalc.com
pw.rafaelbiehler.com
rajeshkumarelumalai.in
app.reduzer.com
devteam.referringo.com
remotedev.co
www.reservasweb.com.ar
admin.risewagecoining.com
www.risewagecoining.com
google.rotaneta.com
royaldelice78.fr
segarapratama.com
www.sheepaprod.com
smartnext.xyz
www.taasa-health-app.org
dev.team-de-bug.com
www.tedi.app
terrathefinalode.com
theallocator.com
tintmint.net
dashboard.triangula.com
uisyntax.com
vandanawedsvinay.vandanapv.com
viticly.com
usapp.wahedinvest.com
www.willowprescott.com
usermanual.youdocms.com
youreasypm.com
Other domains in certificate