Open
Cached
·
just now
77/100
SECURITY SCORE
Detected Technologies
Certificate Information
Subject
CN=naturopathebarcelone.es
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
March 08, 2026
Valid Until
June 06, 2026
43 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
28:CE:7F:81:FA:3F:8D:B9:4E:43:B4:D7:6C:97:E5:69:77:47:92:47:D7:62:05:2F:5F:05:FC:4C:FE:8A:64:3F
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
kwcybersec.com
annettegora.de
araujomanutencoes.com.br
augmented-coach.fr
avoidino.com
www.axxlpromomx.com
babal.app
baughgalactica.com
bemybaby.co.il
benv-studio.com
bigebesikci.com
bipe.kr
archi.builditapp.in
with.chatie.me
www.chi2create.eu
habittracker.ckvn.dev
cmpunjabscheme.site
www.cuding.shop
dahishgroup.com
www.dahishgroup.com
dancerooms.uk
app.defineperspective.in
silapka.derda.site
devinewithv.co.za
digitload.ca
www.digitload.ca
www.drmadhuplasticsurgeon.com
eventsgenie.ai
fabeautech.my
www.fabeautech.my
filtreg.com
eventflow.fini.app
flowcero.com
www.g-y.jp
gandhimedilifetech.com
cloud.gavety.com
devfest24.gdgstrasbourg.fr
lotto.gogaman.com
governr.ai
link.grvty.app
hailyeah214.com
oauth.hectoware.com
ropa.informaticacrt.es
jassg.ca
www.jassg.ca
joannadeangelis.ca
www.joannadeangelis.ca
sna.kalkee.org
www.kralnote.com
www.krishshop.com
kubeflex.io
lanceetconte.com
livesign.co.za
lorgartshillhotel.com
www.lorgartshillhotel.com
flutter.maestrofaiz.com
auth.magnifi.space
metalcocnc.com
simulador.monetarecorporate.com.br
sub.moodtrackerapp.pro
naturopathebarcelone.es
nyahbecker.com
www.nyahbecker.com
openhse.de
perumobile.pe
tickets.pixelsorter.studio
intake.polustechnology.com
www.pomoku.com
practicepolish.com
printola.store
www.printola.store
roboticforce.ca
regex.rousoftware.com
test-business.saahcapital.com
simulatecx.com
www.simulatecx.com
www.spaceflotsam.com
www.stakeholders.app
steppaper.co.uk
tafoam.store
www.teamitup.gg
www.the-ferrys.com
thebornsoft.com
thoughtfulindia.com
www.thoughtfulindia.com
forms.thousandapps.com
thryftit.co.za
evms.tinto.cc
risk.tinto.cc
toanmai06.id.vn
www.trackteam.app
huntlab.try.ee
tulukatucuman.turnosweb.app
flyers.twsk.io
vincenzoricciardi.eu
track.wecreates.ltd
www.whiteknightsensemble.org.uk
www.wiifi.fr
wyra.cool
www.xcode.hr
Other domains in certificate