Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=galt-doc.optimatech.com.br
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
January 08, 2026
Valid Until
April 08, 2026
84 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
B3:C5:94:E4:81:79:F0:1B:5F:3C:8F:18:A2:EE:25:F2:04:69:B3:2D:C3:93:6D:C5:3E:A8:0A:1E:09:76:D1:38
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
elefjay.com
www.descripto.2dub.me
aarongallo.com
jaguarjog.ainahainapta.com
isles.ambiencetown.com
www.anahaulage.com.au
activate-web-outsourcing.arlsegurosbolivar.com
armaanbindra.com
arvenia.space
www.asmhesap.com
assistoday.com
attorneyismail.com
audainpethospital.com
bahrabd.com
bestellen.barisgrill.de
berlin95.com
bigquery-json-schema-generator.com
web.bookmyappointments.com
bdo.c0de.xyz
cagliarimap.it
callidellc.com
carbuddy.ai
casez.app
cirkularaverkstaden.se
dev-data-ingestion-app.claimsync.ai
arlo.clau.io
www.codecontrol.app
curatorgame.com
dailyxword.com
danielsmithdevelopment.com
dusseldorf.dashleads.ai
devfestlima.pe
diamondhandlabs.com
dogwoodsuite.com
dollaready.ca
e-gathitulegal.com
ebirdacademy.com
ecspace.vn
elyon-labs.com
cobroqr.emizor.com
eximops.com
fbsfresno.com
tutormat.franciscosereno.cl
freshnirvana.com
www.futurefood.app
www.gemmacalmet.cat
www.growmic.com
www.social-media-dashboard-with-theme-switcher.fm.grzeg.pl
www.habibiexperience.com
heicitec.fi
nguyenngocminh.id.vn
k-ray.ca
kamtecerpsys.click
kaninilabs.com
laplaza-freiberg.de
mariahoriental.com.br
miagency.ai
mitealink.org
www.mockexam.online
moneynesty.site
musingsofthemuse.com
app.nextup.nu
www.nudata.ai
onesixtyone.org
galt-doc.optimatech.com.br
ozigma.cc
www.peakalikaturismo.com
11521592.peerly.app
coach-dashboard.pencilapp.com
www.percepto.cl
plantboop.com
pogopolling.info
pouchpaysolomon.com
prescreva.app
quangcaothanhtu.online
rabiscoradical.pt
rcllaguno.com
revumee.com
sbtyacedemy.com
my.sipology.app
smart-ad.ro
sowarnatraders.in
www.sowarnatraders.in
spendingskills.com
www.spharklabs.com
www.sprintplanning.org
stackcore.com.br
www.studentkonnect.com
demos.subl.ai
surfselect.ca
arrivo.testing.ly
mqsood.testing.ly
cg.testviajes.com
gpt-dev.thenorthalliance.com
bcp-entrenamiento-personal.timp.io
staging.trekplanner.ai
walling.app
westerncricketacademy.ca
wilasineefolio.com
www.withvak.com
Other domains in certificate