Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=www.vantagemgenuinavaltra.com.br
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
October 07, 2025
Valid Until
January 05, 2026
50 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
37:23:05:D8:9A:47:40:7D:AC:D7:A7:7B:D9:1A:9E:11:8B:5F:AF:77:0A:41:CB:0F:DD:D6:4A:09:65:AC:FA:C5
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
hugs4bugs.me
order.blackdogpub.3bapps.com
kaboodle-visualizer-test.3dcloud.io
coordinator.accountancyawards.ie
www.agentesartisticosdobrasil.com.br
akut.jobs
www.aldoc.io
dl.amuza.app
apap.pl
www.aquaspanbeauty.in
stage.studio.astrid.fm
www.bamitech.ie
benbeintl.com
www.bikingbeyond.de
sound.blaboly.cz
www.hexotica.bmgomg.com
staging.braid.health
telemedadmin.casemedservices.org
www.churrasqueirabbq.com.br
matzlema.co.il
www.pdric.co.in
www.artist.com.pl
otodeger.kemakas.com.tr
www.cosmostechnologies.in
easyscrum.eu
app.emailcenter.cloud
pgidd.esad.pt
services.ezycharge.com.au
www.facet.one
www.familytrunk.me
fantasypremiermcn.com
one.faundry.biz
vrm.flowerlolita.io
func-staging.geteducation.link
www.ghostkitchen-heidelberg.de
deployer.goclever.in
b2b.goodwin.ua
www.hello-shelfy.de
www.hworth.org
blog.ikejima.org
invictuslanchonete.com.br
vladyslav-valentyna.invito.link
itoz.jp
itsstonbury.co.uk
jpractice.com.au
www.marquest.io
www.marthaboyer.net
app.mercadoradar.com.br
admin.mijardinjunji.cl
www.mrjohnslocksmith.com
www.nanosn.com
nezen.co.nz
www.nicolasmainellacorp.com
www.numberchomper.com
cms.nylos.me
nirmalfoundation.org.in
clendonpreschool.org.nz
tubedaddon.panicked.xyz
www.sumoglorias.pedidomovil.es
subscriptions.pekatvision.com
phat.cyou
www.pre-surance.co.za
app.principleclean.com
catalog.probonomatters.io
view.rabbit.properties
rapidfixplumbing.ie
page.rapo.app
www.redcapital.com.au
link.remotedroid.it
www.richmondrodandgunclub.com
www.ricobeti.ch
robbertelshout.me
www.rokcm.com
mesa.rvpedidos.com.br
test.rwcs.in
www.scarlettbell.io
pumahara-test.terangihakahaka.school.nz
www.seafleacharters.com
s.seiloo.co.jp
api.selfcity.fr
enterprise.sharo.io
www.solvesmart.co.uk
www.spearcommercial.com
www.storymarqnyc.com
www.stripe-interiors.co.za
m200s.synq-tv.com
app.tastyfridge.com
tcl.is
blackstire.tcsappts.com
www.toyou.ee
sim.triple-helix.studio
mobile-stage.truckstop.com
www.unleashing.tech
www.vantagemgenuinavaltra.com.br
louvre-lens-auth.visit.zone
www.voice-of-luxury.com
www.xclusive.io
yonda.app
yvo.ma
cloud.zflex.ru
Other domains in certificate