Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=www.miguelvesco.ca
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
September 27, 2025
Valid Until
December 26, 2025
47 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
21:DC:B7:AF:25:F6:2A:EA:F4:AF:11:8A:BF:A0:DF:EB:20:F8:A1:AC:BA:66:66:C0:D7:93:25:F1:72:7F:99:61
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
bau-spille.de
worldofgoals.5dol.net
dashboard.acroworld.de
bou.adamian.fr
aerothread.net
edgar.alemoreau.fr
contents-manager.anomalith-systems.com
www.aquavolt.net
arpartners.io
augmentedshop.io
www.authentication-thai.com
web.bioassist.eu
internal-ux.bolste.net
myhue.brgr.io
bulgariancanadiansociety.com
www.bulgariancanadiansociety.com
reflect.burson.family
kruispunt.citolab.nl
app.colombiaenmoto.com
digitalreadiness.org
esquematicos.com.dominikcell.com
eac7.eestec.ro
clasificados.elsoldehidalgo.com.mx
clocks.nerf.emallstudio.com
clarkcountygazette.enotice.io
www.equal-line.com
balloon.factorem.co
adel-progressus.farmacare.dev
im.feli.page
www.firstwealth.co
app.development.flouria.health
futuralabs.mx
genuinehealthcare.pk
www.graciuscocoa.com
www.ha4gu.com
filtercodex.cupoftea.id.vn
intemlabs.com
www.intemlabs.com
www.phuongthaogaming.io.vn
www.ipic-asso.fr
www.iriomote.org
www.keyton.com.br
docs.kfz.app
www.kiraz.es
www.legyakilehetnel.hu
lullaby200.com
applinks.luluhypermarket.com
maarianhaminanlentoasema.fi
www.matt.is
merry-jane.com
parandum.mgrove.uk
www.miguelvesco.ca
moja-pobuda.si
motapi.com
www.movementchallenge.co.uk
munfai.com
n00kl33r.org
dashboard.stocker.nanistudio.org
echecs.netpro.mg
neygutemberg.com.br
okcountycasa.org
app.opennaukri.com
www.organic-software.org
own-english-word.com
www.palavrinhas.com
paratwinengine.com
pawgotyou.com
be.perapera.ai
persovid.com
www.poptart.org
practical.prasetya.id
primemotion-supplies.ca
www.primemotion-supplies.ca
puzzzle.network
questopconsulting.com
r4f4siqueira.com
www.rodriguesprojetoseobras.com.br
rubipasteleria.com
sadiag.com
shahseatery.se
shoemaker-bees.com
www.slidepro.studio
moladibari.smartpol.it
my.sourceview.co
spacexdata.info
splitride.taxi
www.survivorstudents.com
www.sylaratomic.com
hoangvamaimeo.tattyhouse.com
www.taxichiclana9plazas.com
futbologystats.tranchant.dev
truleaf.in
dev.auth.thrive.uk.com
www.waapp.me
www.we-24.com
content.wisibel.com
woliegtdas.de
emailings.x-28.com
yaki.company
zionrogers.com
Other domains in certificate