Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=cursos.meducar.com
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
September 23, 2025
Valid Until
December 22, 2025
41 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
4B:4D:F1:28:89:90:3B:3C:36:B8:32:A1:90:AD:0D:74:14:D9:59:60:AA:D0:D3:17:FF:86:0F:10:3D:D8:AF:CB
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
app.ln.games
1165madisonave.com
4o4.dev
l.a1creditng.com
my.academap.com
www.adorasergipe.com.br
agriculturaenmovimiento.com
www.aimaventures.com
verify.akocarsapp.com
anamedeiros.net
www.appcompass.nl
www.bijoyjohnmathew.com
www.blaketarot.com
devint.bmspune.org
devel-01.calicuta.com
www.carapace.dev
doc.certeso.com
venuemanager.cintoia.com
techbtyes.com-cloud.net
app.contablio.com
messaging.datacommplus.com
w-virus.deep.institute
app7.deskintelligence.com
www.dienlanhhongphat.com
www.displaygram.com
dojo.engineering
uemcyclothon.uem.edu.in
webtestlogin.ehryourway.com
demo.essentialassetpack.com
eternalstorybook.com
dashboard.evzolt.com
flemmetime.com
www.frisk.chat
asana.gatheround.com
nunta.happy4ever.ro
stock-management.hirokuma.jp
humancloudmanifesto.com
www.imagetext.xyz
www.inorwa.com
isanza.dev
itranslate.com
statictest1.jakubin.pl
jammathijjaumrah.com
www.jessicamhiggins.com
julianceddia.com
link.kaartje2go.nl
khoshmazzeh.ir
kingstonwok.co
lab900.com
quagga.lawrencetan.ca
lexdidit.com
qa217.lis.mobi
macankumbang.ch
mathace.io
matthewamuguni.com
evconsumption.mdn.dk
www.medeasy.dk
cursos.meducar.com
sl.mellicta.it
mintyapartments.com
link.ext.moodby.com
www.newtonsgame.com
v1.feedback.niceloop.com
www.nobhillca.com
nodai.wtf
docs.orbit.codes
orderdx.com
www.patmos-architecture.com
payperfect.in
phonosynth.xyz
www.picky.recipes
www.pixelier.app
probilliard.club
www.psicologadaianejordao.com.br
reformasesquivel.com
eicma.rideet.com
www.rkw.ski
rmt.com.br
www.ruddock.be
bookings.sayarti.com
bangumiapp.skyperfectv.co.jp
dl.sorted.club
www.spiritimageband.com
sunriseconstructions.in
teewee.fr
thebookroom.co.za
www.thegreyedge.com
www.townsvilleconcertband.com.au
www.training-temple.fr
www.ugrit.com
www.uplikace.cz
uptu.dev
admin.staging.valdera.com
staging.vivo.click
wanecon.pl
weighzy.com
wordoff.app
www.ykinnovation.co.jp
api.zebuetrade.com
report.app.zeffi.dev
Other domains in certificate