Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=www.md20bienesraices.com
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
December 28, 2025
Valid Until
March 28, 2026
75 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
13:96:B0:B6:EE:7C:13:38:FD:D1:BE:C2:0B:1A:21:51:8E:B0:6B:75:89:8E:F5:89:71:7A:4F:CF:3F:B6:DB:54
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
dogiland.pl
www.4immagini1parola.app
abhishekgoyal.dev
accvaldivia.cl
acramer.com
ai-agent-browser-test.com
duma.aimcomely.com
www.aituring.app
aquaar.ai
www.arriendosaltorefugio.com
www.avizomer.com
www.awesomepiece.com
www.backridepalawan.com
www.blankly.finance
www.calc-i.com
stg-reporting.calibr8digital.com
charityfundpool.com
2021.chrls.design
vital.co.ke
www.coduture.com
uicco1.com.tw
admin.danielistvan.com
onlineshop.trainings.digitalnerds.io
blackscreen.dnode.link
eatdiversifood.com
signup.expresstds.com
eyescholar.com
newleaf.falkor.io
admin.festen.dk
fianzaglobal.com
frenchlinguistics.ca
gallopz.com
gardenmakeup.com
gatoperdido.mx
strats.gclub.se
api.getpowerlink.com
app.greenviewcrypto.com
guptechnologies.net
harpreet.tech
admin.identityswitcher.app
iiftiigls.in
ingilizcenigelistir.net
oleksandr-liana.invito.link
jindokoreandog.com
johnramirez.dev
sp.dev.kengin.app
bakery.lafloraison.store
www.lancerpages.com
letsplay.cards
www.listmanager.dev
www.livdiz.in
logilabo.dev
saldo.lumbung.app
www.marandroptaxi.in
martinsorin.com
socialrank.mashin.io
www.md20bienesraices.com
game.metodocharlie.com
www.munchybaby.my
www.nail6.com
chess.nais.fun
linking-beta.ooca.co
www.opooq.com
outsider.solutions
pools.pghdivelabs.com
plusminds.one
pranavarts.in
pranjal-choudhary.com
random.london
reinhardschnetzinger.com
www.roomer.in
root38.com
rturner.dev
connect-ng-carrier-recurring-lane.rxoconnectuat.rxo.com
app.staging.santoid.com.br
wedding.sarhad.me
sciket.tw
facturacion.simplex-erp.com
snippets.snowstar.org
cadastroimobiliaria.solucoesparalocacao.com.br
songsuggest.net
app.sourceview.co
spkinternationalexports.com
tournaments.statsroyale.com
step-one.dev
stumpsapp.com
emilybeautysalon.systemsolution.me
tammotion.africa
thoughtcrafters.com
www.tienda.dev
troydcthompson.com
user.trustablee.com
mirror.ucard.one
translate.vocab.so
www.westfort.dev
ads.whizti.com
dev-wfo.wisperisp.com
admin.wpdistributor.com
yknoll.com
zudallo.com
Other domains in certificate