Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=central.vithall.com.br
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
December 19, 2025
Valid Until
March 19, 2026
62 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
3B:97:A8:E2:D7:92:D8:CB:95:DD:E3:FB:A3:48:6B:C1:C1:76:73:32:F6:A7:8D:39:27:50:F1:C6:C4:1C:5D:92
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
dunk.tools
abhishekdoshi.dev
www.aboutvq.com
app.adpin.se
action.aiducation.org
install.allknit.org
test-firebase.g.alstia.net
www.aoalabs.io
arkione.com.br
www.audriusraso.lt
www.axpine.com
www.axs.network
bantuwa.id
bayudewanto.com
cdp.beenokle.com
recrutementmedical-webform.biloba.com
bluelagoonpools.in
app.boostchinese.com
boucherie-barneoud.fr
report.deeno.bycopilot.com
app.dev.bystro.cr
cantabileescolademusica.com.br
cardiffinternationalchurch.org
chaosmode.space
chown.org.uk
christiankowalski.org
alliedaluconc.co.in
combat-sport.club
conceptssalon.in
dev.critz.cc
deeplink.delcom.nl
devontech.in
www.dhakalroshan.com
dofodog.xyz
auth.dramareel.net
share.earnd.app
dev.api.ensembl.app
links.evexiaapp.com
office.ezserve.site
www.fairoz.systems
fanatikfoundation.org
geoinnova.tech
gratereaux.do
cumin-hematite.harecord-dev.com
heymanitas.com
thuoclapcuc.huyenkhongtamnguyen.com
kreweofsmoochiepoochie.org
laudisup.co.uk
test.mca.leanera.work
amerikaansestock.lms-it.be
dia.loyal.guru
www.mal-pay.com
mariongodefroy.fr
matchbuddy.online
www.meetnow.in
www.metistherapy.co.uk
miguec.dev
apoteksforum.mmevent.no
www.niblets.io
findmyfriends.nliteapps.com
onexu.com
www.qa.openbracket.net
osiah.uk
otodeger.otofora.com
perfumelab.com.br
campaign-entry.promille.jp
psychoterapia-wojciechowska.pl
www.questlinevtt.com
app.radian.software
www.renaultenergia.com.br
docs.retextion.com
dev.rubirace.com
www.saunatimenow.com
schimmer.tech
www.schule-im-museum.at
seasonaljobs.app
securbot.in
tweet.sei-un.com
sendhub.cc
www.shreyash.ai
www.space.al
sparxvr.com
portal.spielgruppe.online
www.statement-gateway.com
stringify.com.au
brella.strollhere.com
science.theorygenerator.com
sandbox.verification.thndr.io
www.toddler.training
trustedfixers.tech
bo-preview3.una-community.com
www.union-bauzentrum-hornbach.de
valetoken.com.br
adminv2.videolink.app
central.vithall.com.br
vslcaterers.com
vtasolution.vn
2022.conf.vuejs.de
wirewise.ca
www.zenreki.health
Other domains in certificate