Open
Cached
·
just now
78/100
SECURITY SCORE
Certificate Information
Subject
CN=sergiogf.com
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
October 24, 2025
Valid Until
January 23, 2026
54 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
34:84:49:75:70:C3:4E:B6:C0:5E:AE:10:E6:82:61:BF:E6:59:FF:B1:5D:57:6C:0D:B0:C1:78:8B:44:3A:4A:50
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Missing
Not configured
Content-Security-Policy
Weak
require-trusted-types-for; report-uri; object-src; +3 more
require-trusted-types-for 'script';report-uri /_/DurableDeepLinkUi/cspreport,script-src 'report-sample' 'nonce-MH40AA-3vRAkgwDw3gzGjw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/DurableDeepLinkUi/cspreport;worker-src 'self'
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Present
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
Recommendations
- • Add Strict-Transport-Security header with max-age of at least 1 year
- • Significantly strengthen CSP directives
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
lojastopmoveis.appshare.com.br
www.1313railroad.com
404.cube.dj
app.affirmdaily.com
www.alexfriedman.tech
cissp.almobdioon.com
weather.atominfo.tech
kitcheners-staging.b-arro.ws
batralawoffice.com
www.beightstudios.com
app.bikefinder.it
app.biota.land
letters.brainsprays.com
app.bunkin.jp
burakerdem.tr
www.capgridsolutions.com
blog.cawpea.me
centrulminerva.ro
jz.clian.net
app.clipreply.com
nt-connect.co.il
fable.co.in
ad.dostesting.co.ke
www.codaaa.xyz
codehelio.com
spinecentre.com.hk
www.computeintel.com
www.conntec.net
www.crustytrump.com
daruzo.com
delightfuldaysdaycare.com
www.delorge.be
dentalkpdc.com
developeraspirations.com
diamondalmirah.com
droptaxinow.com
stage.dyggame.com
freehair.edsys.com.br
eholde.com
champ.eu.com
app.fiil.io
swan-operator-test1.fleet-dev.com
a0cw.foodle.su
gamsoft.eu
www.geer.solutions
geopix.app
tvos.golfpass.app
www.handiglijstje.nl
www.helloworldapp.com
hoowith.com
ilmalammox.fi
impactwrap.dev
sandbox.restaurante.inboxfood.com.br
beta.pnx.inpraxi.de
firebase.insvilablareix.net
intpcat.net
app-calculator-dashboard.itlicious.be
johanekroth.com
polar.lernzettel.org
plataforma.liftaviation.com.br
www.lockviewlive.com
mcnet.in
www.norkin.org
be.ntntnl.com
pdsind.in
pellet2d.com
www.pixelschmiede.com
www.pond6.com
fractional.proveanything.com
portal.pyneapp.com
assessments.qualiphisummit.com
www.rbper.com.br
rimenergies.com
rice.pulse.sasaki.com
sergiogf.com
app.server-watchdog.com
www.shiba888.bet
siddhashri.com
singlecasemva.app
composer-search.sld.codes
sneakytools.io
dev.proxy.sokuyaku.jp
stg.auth.sozi.co.jp
sparko.studio
auth.speakylink.com
www.subastabot.es
deuce.tckatteberg.be
thebookclub.app
www.thequoteapi.com
www.thesfactor.ca
www.trellisconnect.com
webcomponents.truckstop.com
crewfit.turnosweb.app
auth.uniweb.no
www.veggen.se
vinylbox.app
www.webassembly.us
www.wellztech.com
dashboard.wingside.ng
stg.writer.app
Other domains in certificate