Open
Cached
·
just now
80/100
SECURITY SCORE
Certificate Information
Subject
CN=www.ricoenergiasolar.com.br
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
November 20, 2025
Valid Until
February 18, 2026
87 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
F7:89:05:7F:B0:5C:77:A0:1A:D3:F6:34:60:D3:05:DE:2D:1F:0E:12:88:4F:4F:D3:DC:17:1C:6F:BD:B8:DF:F6
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Missing
Not configured
Content-Security-Policy
Basic
script-src; object-src; base-uri; +3 more
script-src 'report-sample' 'nonce-GbGV1a3ilwV35Oa9rhICFQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/DurableDeepLinkUi/cspreport;worker-src 'self',require-trusted-types-for 'script';report-uri /_/DurableDeepLinkUi/cspreport
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Present
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
Recommendations
- • Add Strict-Transport-Security header with max-age of at least 1 year
- • Improve CSP by adding more specific directives and removing 'unsafe-inline'
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
alpha.link.consentio.co
10point.ai
www.321-interiors.com
centralselling-test.3dcloud.io
invite-dev.3dmeet.com
app.acctability.net
adilquamar.com
flight.agent.aeroglobe.pk
app.appstake.net
artdillo.com
www.associazionedalia.it
hire-qa.auzmor.com
bestonapps.com
biglojas.com
chkinn.birdapps.org
www.bonbiz.in
bridgeplacements.in
www.bytecodex.com
c41app.com
carmat.mx
clumsylamers.com
customerleads.co.in
ceo.coconutorder.com
coderblog.dev
taller.silvergames.com.gt
nwa.cotcot.dev
www.csexpert.in
csural.pro
darshans.me
dartball.co
digicolony.com
digitalvectorstudios.com
docdanko.com
echardingergartenlaube.de
librill.flocca.dev
met-staging.dnmg.gov.tl
grupoagrosepac.com.br
www.havensofhope.com
hbcpeople.com
talent.test.helppoydin.com
hesterwedding.co.uk
hi-va.com
www.igtb.app
ikedio.it
imhere.page
test.jexport.fr
johannesengl.com
jurilica101.hr
auth.staging.lvlup.kalido.me
www.kofounder.ee
www.lagoscode.com
hello.letvar.io
www.maloriecasimir.net
www.mattaniah.online
www.matthewsorrell.com
meditation-records.com
l.mkaneko.net
www.myremoteday.com
www.navigiocapital.com
clinical.imaging.novo.health
numxlator.com
www.ovenbits.com
pariwartangriha.com
dwg.pathadvice.ai
mobile.peakwoodpackers.com
www.pes-tab.com
www.planikun.com
write.popsmartkids.com
pos-itivo.com
link.pulselabs.ai
www.red-apple.website
richbpixels.com
www.ricoenergiasolar.com.br
www.rigchecksems.com
sxcreationsgroup.rotapad.com
share-journey.routica.com
www.rsms.dev
hiahia.singletapps.dev
bookings.sistability.com.au
online.skytteonline.se
solidsws.com
trekanten.stangeland.app
station426.com
console.stellaenergy.io
surveycounter.com
dashboard.swift-menu.app
people.tickbird.com
mobile.treningo.rs
alpha-stage.truckstop.com
tweerous.dev
www.tyrespropertymaintenance.com
uexkuell.org
www.uindycamps.com
www.undercoverdesigns.com
www.vazarno.com
datacollector.vetvise.com
link.wemerang.com
www.wjyeop.site
xaltruist.com
youthandlaw.com
Other domains in certificate