Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=www.el-gato-encerrado.com
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
December 03, 2025
Valid Until
March 03, 2026
87 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
A2:36:09:56:DC:4A:50:49:09:D0:61:7D:52:67:70:74:87:8F:82:FE:AE:50:0F:13:55:97:10:21:4F:3E:06:14
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
kennedy.no
accnorthphoenix.org
addix.meme
agorapertuk.site
link.aisw.tv
crm.akeng.com.au
apimethod.co
apolloplanning.com
dev.app.athleteium.com
app.billyh.xyz
blackmetalizer.app
www.everyday.bxt.org
formulario-web-cambios-y-devoluciones-dev.cc-irdigital.pe
www.circle2forgiveness.com
www.admin.benevo.co.tz
cognite.no
try.commerceflow.ai
www.configuradordeco.com
crowncasino.mx
jobs.date-fns.org
www.digimoxie.com
app.dinamarimoveis.com.br
hakki.for.dinii.jp
www.dutton.com.au
www.el-gato-encerrado.com
ac360-control-dev.enablus.com
kingscross.equiem.mobi
www.esec.cc
jsatom.everytale.uk
excelquanly.com
www.forjcustomhomes.ca
resetpassword.gumb.app
3bwonen.herstelverzoek.nl
auth.hoehensucht.de
gettheoutfit.honk.international
pos.dev.hyll.com
tts.ilymgroup.com
fluffy-alliance-v1.injaste.com
www.izzathafizuddin.com
www.jackpatrickhickey.com
juscall.com
kazaklimuhendislik.com
mmnotes.kunruchcreations.com
pedidos.lidercamargo.com
www.lucaspimenta.com.br
luckybeetlegames.com
archi.lukakiro.dev
atoron.mahrsrv.xyz
mathsgemseychelles.com
maxga.me
sidekick.mlnb.org
app.dumbbill.monopolysystems.com
myconfessions.app
stage-app.nabypay.com
nataliejaneedson.com
nikkihall.me
noninertialframe.com
nrvnotes.nrvi.com
site-static.othellonia.com
overstockguys.ca
staging.p3a.app
pi.delivery
crm.pocaalbum.com
pollopen.com
callaudit.prepladderdev.com
ops-canelophone.reachmobile.com
redditonaturale.org
remotefinancejobs.com
www.rmtheis.com
www.ruggabot.com
saviorvivrecosmetics.com
artifacts-master.screenomex.com
staging-business.seeyamobile.com
sergiolgac.com
serta3d.com
sfutureapps.com
ddl.socialgiver.com
evcare.sonice-aioe.com
suchaktea.com
sunrise-burritos.com
synclly.com
www.tangenta.net
thaliif.com
thatdadsclub.com
theartofcorr.com
sandbox-tools.timerise.io
www.trade-r.com
www.hotel.trendydashboard.com
trycarbide.com
www.tryshopify.com
l.tuvivannien.com
www.wahlax.com
link.waitly.com
woodyforcouncil.com
admin.devmulti02.wowdesk.jp
www.xmenu.co
app.yearwego.com
staging2-chatbot.yepic.ai
staging2-express.yepic.ai
www.zimbrutopart.ro
Other domains in certificate