Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=mistermoney.xptoconsig.com.br
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
December 08, 2025
Valid Until
March 08, 2026
42 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
C7:74:39:5B:5E:D5:15:66:80:5F:CF:FD:7D:60:A2:8D:F1:CB:1C:2D:D6:44:D3:8B:F6:C1:33:26:86:A0:4B:CE
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
knowledge.eldurini.com
app.1ounce.in
prototype.advocate.wine
www.alaingutharc.com
ampstory.co.za
www.apprender.club
cup.asv-leichtathletik.eu
www.bamboo-up.app
staging-web.bitappcloud.com
bmfsistema.com.br
market.byapar.app
www.campayna.com
canoepololive.co.za
www.captivate.games
cert-print.de
app.charlesmachadoimobiliaria.com.br
nextfleet.clearquote.io
gdpr.collaborative.fm
alebaja.com.pl
www.crewwho.app
www.csvblender.com
new.staff.ctksystem.com
pantheon.developforgood.org
digitechsolutions.site
undo-redo.dijinx.com
sorry.doorjames.com
customeraddressbook-q2.dpduk.dev
dungeon-dreamer.com
purpose.findmeaningfulwork.com
staging.static.firesidechat.com
www.fj.uz
foodfinder.app
ai-gallery.genielab.co
greatmenucovers.net
app.hitonari.me
www.hubbycolours.com
members.humanimpactpathway.com
dev.about.ibekan.com
nhom7it2000.id.vn
testadvocacia.inovajuris.com.br
www.insa-thiele-eich.com
jedi.iris.finance
www.jic.app
publiofertas.jobcity.com.co
kktrcellapp.com
liveheat.koendewin.be
admin.kwikledgers.com
anz.lorenz-graf.com
www.luzmariarenjifo.com
app-dev.mabl.com
mainx.dev
www.makershive.io
sanmarcos.marcafranca.com
blink-preview.martn.st
menufood.online
buoy.mikalmorello.com
about.mimaps.de
missioncube.org
www.mydmapp.com
nalinj.com
cuidador.net.br
leadcollector.mbmotors.nextlevel.studio
numispace.com
bangalore.onewaydroptaxie.com
kisa.mm.org.tr
www.outnov.com
www.pargroups.com
cluster.parkalot.io
perdelyk.com
pharmacy-yakumo.com
principautedemazamet.com
privori.ch
prophotoshoot.com
www.rahulsukumaran.com
foods.redsgogreen.com
rencityart.com
www.roland-strasser.com
sandyforcouncil.com
sbz.pt
slimlnk.com
vocuswb.smartspeak.ai
testdeploy-48330.snox.dev
sqlservertraining.ie
www.sreemagaltravels.in
srxcoin.com
www.stereogalleries.com
www.thesproutcards.com
link.triviastars.net
uprate.uk
visualyze.es
voiceofjesus.in
internacional.votando.com.br
vulcanoforge.it
w.events
walker-technologies.net
staging-alpha.wasteporter.com
www.wojs-przeprowadzki.pl
mistermoney.xptoconsig.com.br
staff.younoodle.com
zikrcode.com
Other domains in certificate