Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=santos.bepass.com.br
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
December 04, 2025
Valid Until
March 04, 2026
51 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
27:5B:81:85:77:6A:E6:6A:3F:28:3E:85:62:8B:B5:9D:17:4C:54:6B:5A:6C:FE:4C:32:16:BC:62:0A:35:16:8E
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
bitduplex.com
4eleven.net
connections.sit.advanced-infrastructure.co.uk
www.advenrius.com
upfort.airbookhq.com
alfredasare.me
todo-checker.aoki.casa
links.coach.athlyts.com
www.barrywebdev.com
qr.bartkessels.net
bastianfitness.com
www.baumchain.de
santos.bepass.com.br
sectionpaloise.deeplinks.bfansports.com
app.binituk.com
www.bizaarai.com
docs.bondvet.com
demo.partners.bridegenie.com
staging.buildyourcareerwi.com
app.callrec.net
cambridgeedu.in
caringgems.in
www.cedropi.ovh
centerpointautomation.com
chainqbit.com
leds.codeready.net
ada.chat.codewell.ai
colcambiosaustralia.com
www.initd-tech.com.sg
users.compary.com
namasteindiaqueretaro.corntech.com.mx
autoselect.croptic.ai
app.draftalent.com
hotspot.ecosync.energy
devs.eggy.run
eromanga-channel.com
www.fci.jp
florian-steenbock.de
yumie.flybooking.io
link.fyely.com
www.gagamenu.com
admin.gakal.com.au
www.gdlestore.com
prod-link.get-rippl.com
www.giovanniperrone.it
app.glaance.co
www.goodmeals.health
link.goout.fun
gouravniitdev.in
greentouristcard.eus
dev.hawkbulls.com
cuneiform.hittites.org
trinhhoangchi.id.vn
india-pin.in
boats.inmogr.com
intelliflowio.com
www.interval3.com
recipe-book.jacobdozier.com
japanerleben.de
javiiofficial.com
backoffice.joymo.no
www.kaminoplay.com
app.kredete.com
www.libertytips11.com
www.lorisgardenph.com
lostfalcon.com
www.luc-hariman.com
bandy.lvbet.pl
mascella.com
memory-strip.com
applink.midaia.de
www.midielabel.com
mingfei.me
mrkalendar.com
muzebyte.com
nora-und-henning.de
www.nyotahealth.com
nyshub.com
omastreasures.com
firebase.passwordlastic.de
philt3r.com
plumable.com
www.pmcalabrese.com
recolorado.prspcts.co
dev.read.land
docs.api.referralreactor.com
remysab.com
clip.sidelinehd.com
slingreturns.com
softjads.com.br
instant.techsee.me
timokern.com
tinbits.io
trimbakeshwarmulayguruji.in
www.pro.truckrs.co
app.viralfission.com
petrovich.webtabel.ru
demo.welby.care
www.wide-ranges.com
wongsylvia.com
Other domains in certificate