Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=gestaolooking.com.br
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
December 27, 2025
Valid Until
March 27, 2026
73 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
74:12:06:88:0F:AE:FD:F6:05:03:70:34:1D:6D:07:5E:7D:63:1C:35:17:C3:2A:9F:F6:CD:FC:66:BE:09:47:72
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
blockstobytes.school
igp.12traits.com
8d.vc
profile.qa.abilitystack.com
sl-dev.abilitystack.com
afridrugnet.org
admin.aimzegypt.com
get.alpinemedia.com
www.analog-boy.com
andrawinaloka.com
apprutanaturaldelriotinto.com
www.appstation.in
auth.aviatoracademy.net
www.battle-energy.com
www.beautybycolette.hu
authorize.blackprint.dev
www.brianlee.org
kunooz.businesses.ly
fastnote.candraaji.com
docs.cannactrl.com
carsplus-portfolio.de
take-away.cheffle.se
clashroyale.cards
www.claytonpierce.dev
vellore.yazhdroptaxi.co.in
www.logicspace.co.th
b2b.cocone.co
www.coderivy.ai
tideyy.com.my
conan-ui.com
contfacil.com
verify.cupla.app
daayada.com
www.daayada.com
www.dahmon.dev
hiclass.data2health.info
event-dev.ddangkongschool.com
www.dogecolors.com
earnmoneyathome.online
eduhasitha.online
app.emonit.cz
marysvilleonline.enotice.io
join.eventdoctor.app
fitk.tk
fin.fredocloud.com
ynt.gen.tr
gestaolooking.com.br
gluttonysadvocate.com
nodepainter.grifdail.fr
testbed-smartmenu.gupshup.io
gwjgames.com
go-staging.heatseekr.app
phanviethoang-20210372.id.vn
iskiuphill.com
somuchplastic.jau.co.jp
www.jobilo.io
www.kinklyapp.com
kritodhee.tech
reborncrm.lexcellence-grp.com
lucidio.io
makerspacefriendlies.com
www.mammaskokebok.no
y.mandm.app
geek-guide.maripi.net
mdln.store
micovisport.site
mikyot-ai.com
www.ng-stuttgart.de
ads-vi.novacash.co
novazonrelay.com
www.oppdigital.no
raghukul.textile.otobit.com
legacy-v2.pancakebunny.finance
www.pushburgers.com
qifu.rest
ramonexx.net
beta.rbmedilek.cz
rbmedilek.cz
bug2build.redwindow.tech
academico.registrosvalmek.com
rentle.io
www.ridl.app
ruayen.live
www.sabaken.dev
www.salonluzdeluna.com.ar
tokusetsu4.sanographix.net
sayyesdcc.com
seller.shopcircuit.ai
shuffl.no
www.sinclairfamily.biz
3375-admin.sonice-aioe.com
account-dev.tanto.app
tech-sulting.com
www.topperspsccorner.com
vucikollettiva.org
instructor.way.no
www.xahcode.com
knownet.xilerth.com
www.zetta.ag
yangonshelf.zwenex.com
Other domains in certificate