Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=easypec.com.br
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
October 07, 2025
Valid Until
January 05, 2026
56 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
3F:5D:BD:0C:1F:F0:77:D9:B0:09:87:DD:FD:72:E0:3A:A0:88:36:B3:1A:33:2A:A4:11:03:0F:03:13:09:DA:94
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
joinery.work
hire10xapp.10xscale.in
staging.gutscheine.additive-apps.eu
www.aerodtechnologies.com
berthapp.ars-cube.com
indique.ayoapp.com.br
beepbeep.uk
oktatas.benjaminkomjathy.hu
www.blakforest.com
boomcoin.fun
bridgewapp.com
www.budesvatba.xyz
www.coursebooku.com
www.dmarc-reporter.in
app.doctup.fr
www.dragonereum.io
easypec.com.br
dev.dziennik.elfedu.pl
walio.elwinston.io
dev.envisageplanner.com
www.espressolab.lk
recruitment.flairboat.com
bveritas.formidavel.app
www.gain.si
www.goldielab.com
a.gotidy.in
app.gr.chat
www.harikatha.com
www.harryli.me
blastic.hsr.se
www.ijoda.com.ar
www.indiraspoems4kidz.com
swan-hub-test3.ingogodev.net
firma.jeve.it
app.kahu.work
katrinundtom.de
kennethjenkins.net
dev.klips.me
admin.lefty.io
www.leonardcollins.info
lesvos-sakis.gr
panel.lienzo360.com
www.lizardsoftherock.com
getapp.macritchie.io
jumprope.makeitnow.kr
app.meetvolley.com
deuna.minka.io
www.monarchtailors.com
monlaluxe.app
www.motelpedrasnegras.com.br
app.mowo.fi
www.muscle-meals.de
ats.mynela.com
nikazhvu.in
solidbetong.ordreplan.no
admin.iesa.pecas2b.com.br
pericope.app
pharmaplast.in
jbosteo.pickafoo.com
www.ppenv-wekicards.com
svsound.productgenius.io
www.rebr.no
demo.widget.rendin.co
reto-fit.com
dev.exit.rightworks.com
www.ds.roadrakshak.in
app.rocket.la
roundnetclubzurich.ch
www.runsonfun.com
www.sangsangtoreal.com
www.scproductionsltd.com
www.sense-source.com
app.shipwithkim.com
link.simplysignsapp.ca
easypark.spacemaster.io
www.spacemonkeys.net
www.sparkoftrade.com
starget.md
www.starshair.design
casework.sunsuria.com
wedding.syamsp.com
www.tarinchiaro.it
www.teamdominion.jp
text-online.net
wedding.thebigday.my
auth.thisorthatplus.com
admin-ls.tiifa.jp
cms.backoffice.tourmyindia.com
www.towaso.com
web-stg.trato.com.br
unbroken.digital
register.untapped-talent.com
deqspills.ugrc.utah.gov
archive.warest.de
herbacoach.westindiesdev.com
referral.wiyak.com
www.wtjp.app
www.wybro.com
myxarchive.zaldyjr.com
www.zenithexpedites.com
Other domains in certificate