Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=app.studioo.com.br
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
November 13, 2025
Valid Until
February 12, 2026
89 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
CA:B1:4A:61:EC:2A:EF:20:FC:4C:64:85:38:13:C4:A9:A7:CD:BC:B6:C5:39:07:79:E6:FA:87:DE:A6:C8:5B:9D
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
hokimtong.org
agendavirtual.app
agrisenseapps.com
aguayplantas.com
www.albertaconnected.ca
avocadonotes.ai
www.bhuvanasriinteriordesign.com
auth.biz-node.app
boonies.app
bp-consulting.ro
brant.app
broadstreetsearch.com
cogemogros.com
www.connyarmin2020.com
zettle.corntech.com.mx
www.devellotech.ca
nilgiris.dropmeoneway.com
dustin.boston
elviejoaguaribay.com.ar
face-bot.ai
fayas.in
fertilityclinicinnovators.com
flowbyte.cloud
fuckofftedcruz.com
portfolio.fundwave.app
graphbot.ai
www.growpecomm.com
l.hearme.pl
nguyenngoctien.id.vn
phanchitoan.id.vn
tungson17021.id.vn
ilian-iliev.com
machi-sys.it-monozukuri.com
izervay.ca
www.k-torconsulting.com
keypr.ai
www.knowyourrights.page
leopalma.com
madraswash.com
www.marianagoncalvesdacunha-art.com
tamil.corona.mayamd.ai
www.mecha-info.com
mrremodelinggroup.com
nasshine.com
halo.neoufitness.com
servicios.nirelcr.com
wedding.nithinprasad.com
stageqa2.notifyvisitors.com
novacratsio.com
www.oana.com
octanejeans.com.ar
www.olv007.com
qa.ca.onerevolution.com
fiep.orchestra4edu.com
packmyproduct.in
www.paraworker.com
app-qa.pixis.ai
qiratshop.in
qualityservicepak.com
qualuation.com
www.app.relion.dk
app.researchfrom.com
respiratorysciencesinc.com
www.respiratorysciencesinc.com
rohelevy.com
rotaryorchardseniorhome.com
sadid.dev
portfolio.salimloudev.com
schaeferdevelopment.dev
shabbatus.com
smart-reels.ru
antigo.smartimob.io
smsabir.dev
snaghaven.com
wellness.solsten.io
solutiondevelopers.in
www.spacaretime.com
app.studioo.com.br
norgesvask.superoperator.com
tcates.com
tcjewellers.in
www.teammochi.com
templateimages.com
www.theabysslist.com
thecleanappproject.com
draw-tokyo.ukonpower.dev
uniservicelatina.com
aidash.utradesolutions.ai
uzmdrnazancelik.com
www.vanlifeplanner.com
www.vegamecum.com
www.vibertech.com
sundial.videoscribbler.com
vitersoft.com
bwg.p.w3.app
stage.admin.wagnerguide.com
weddingmemes.com
app.writeloop.ai
evolve.ymedia.in
zust.ai
Other domains in certificate