Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=afkarate.com.br
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
December 28, 2025
Valid Until
March 28, 2026
75 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
0A:75:D6:21:2D:AE:E6:D9:A0:AB:ED:C2:A9:4A:CC:EF:E5:A8:24:80:AE:76:AD:DE:32:F3:45:EE:34:9A:D6:35
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
arksarkar.com
laz-sectional-cert.3dcloud.io
www.425kidschess.com
www.4happ.ca
abbyvs.com
preview.academondo.com
dyn-links-qa.accelior.com
accuracynmotion.com
staging.crm.additive-apps.eu
afkarate.com.br
www.aktion-kinderparadies.de
albyracing.com
anisabboud.com
www.anislandoffthecoastofaustralia.com
aoipom.net
www.appreasy.com
expenses.apxor.com
arelyskywalker.dev
www.atsyntax.com
axisroot.org
bandw.jp
dashboard-dev.baroqueproperties.com
bizsms.app
kroniken.bjerre.net
boogolicious.com
bridgerholt.com
acc.briefbuilder.com
brokenfriendships.com
checkuper.com
www.iaol.co.in
www.col-us.com
crimsonskytech.com
portfolio.dakodawillden.com
slides.deeppink.dk
www.desoxidate.com
www.digitalink.app
thitracnghiem.td.edu.vn
crm.emissaosimples.com.br
bank.falaknet.com
locust-pms.review.fao.org
beta.fluics.com
microconf.gen.co
jtest1.getsupertext.com
wejugo.hemisphere.digital
www.hoasensoft.com
demo.howsmom.net
www.hutfloor.com
www.icaroassis.dev
auth.imp-ulse.com
app2.insyncapp.io
iottable.com
form.relatoconfidencial-website.itecnove.com
clock.jalowell.com
www.julialuka.com
keeton.cloud
www.kevinleyssens.be
burger.knieszner.pl
www.ledgernalysis.io
partners.listique.com
www.marcrlee.com
www.maritimechamber.co.za
masterbooker.com
www.match.me
order.modernrecipe.be
catalogo.motosalo.es
my-rica.co.za
www.mytrendingstories.com
nerdsio.com
nicolecumming.com
omaryousef.com
lg.ommi.io
www.paintballjani.lv
staging.pakhms.com
step.physiobiometrics.com
app.planelo.com
polyai.ca
devices.ponpish.kr
www.preeority.com
www.rank-estate.pl
rentataxi.co.za
restylesoft.com
sarghe.com
www.comm.savetracksa.com
scibulcom.net
app.scribehound.com
www.shambhuamitabh.com
hyena.skegdev.com
sssaroyal.in
stoddartweb.com
www.susyspartyrentals.com
www.swarajrubbers.com
www.syngularty.com
landing.unrealcoa.ch
cashcounter.vallhund.dev
www.verdictittech.com
www.vialt.fr
app.pask.webapiservices.in
serviceprovider.woonig.app
xpert.app
cv.yasingedik.com
Other domains in certificate