Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=rafaelmarchesin.com.br
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
November 23, 2025
Valid Until
February 21, 2026
84 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
DE:D6:FA:F1:34:CB:55:AF:74:34:FA:7D:E3:BD:0E:5E:A7:16:B5:9E:51:8B:9D:91:97:BB:E4:76:DE:CE:39:EE
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
bvonline.hosand.it
4health.is
chandigarh.aicommunity.dev
akasha.pe
edgar.alemoreau.fr
apeyron.school
dev.signature.apolloscribe.com
cao-recreatie.appdashboard.nl
www.ashishk.com.au
ashutoshojha.com
askstellar.co
www.avlund.dk
web.bioassist.eu
bitcoin.work
blagulabandet.se
www.blagulabandet.se
home.blu.direct
www.bnf-africasuppliers.co.za
myhue.brgr.io
chbehtar.ir
now.chot.jp
kruispunt.citolab.nl
classsfied.live
suncube.co.in
www.devakinandan.co.in
www.talantakazi.co.ke
codertrade.online
countdoko.club
www.crowdpoint.io
digitalreadiness.org
esquematicos.com.dominikcell.com
www.dunin.by
www.eda.studio
clasificados.elsoldehidalgo.com.mx
energoavangard.ru
euph.online
www.everytale.uk
crm.farahy.net
xplore.fundthepla.net
www.futuredevschool.com
www.gabrimatic.info
genuinehealthcare.pk
ghemedia.vn
gowrishankar.info
granstal.org
asamblea.infinitics.net
tempo-projects-app-development.italk.hr
oem.joyride.tech
www.julianceddia.com
karthikhegde.com
orm.knowledge-foundation.ai
www.knowledge-foundation.ai
jobiccol-staff.litedemy.com
www.liveinarchstudio.com
lyncr.in
maisuong.mom
ventasalpublico.mediaccess.com.mx
hearts.mermok.io
whatsin.moinahoi.com
moja-pobuda.si
www.monitaxafrica.xyz
www.movementchallenge.co.uk
n00kl33r.org
weazone.namishkumar.in
www.nationalrock.co.za
nvglobalexports.com
ifcc.or.kr
www.organic-software.org
paanitrak.com
www.palavrinhas.com
pgelogbook.com
arl.pitanywhere.com
www.poptart.org
rafaelmarchesin.com.br
razrnet.fr
rokas.website
shahseatery.se
cosmic.shubhkiran.com
www.slidepro.studio
fb.spelezoli.lv
splitride.taxi
stage.storysimple.com
pre.thedatabase.top
thedatabase.top
thefracturedrealmssaga.com
app.thuzio.com
search.totalcheck.cl
toytales.app
demo.trickfilm.com
dev.auth.thrive.uk.com
dl.uae.upar.gg
order.ventes-notariales-namur.be
venturify.xyz
www.verbraucher-fuchs.de
www.waapp.me
www.we-24.com
content.wisibel.com
app.wndy.se
videos.wvruralhealth.org
emailings.x-28.com
Other domains in certificate