Open
Cached
·
just now
77/100
SECURITY SCORE
Detected Technologies
Certificate Information
Subject
CN=www.portfel.ebra.pl
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
May 05, 2026
Valid Until
August 03, 2026
86 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
6E:01:3D:2E:3B:1B:87:F5:90:59:6B:80:4B:AE:0F:E7:8E:96:90:2D:D7:0E:E4:3E:1D:F7:8A:47:FF:8F:7A:4C
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
maudev.cl
www.maudev.cl
arcade.nix-hero.4lab.cc
staging.7mode.nl
staging.admin.7mode.nl
www.staging.7mode.nl
aexiustalent.com
aity.dev.br
amaldesigns.co
www.amaldesigns.co
www.ansynccircuits.com
antruong202417089.id.vn
apexyeild.com
data.apptist.co.kr
arumidevtech.co.in
aspenbycharter.com
csm.aspenbycharter.com
authraprotocol.com
aveyls.com
stock.btracfoods.com
caproll.app
chaingpt.in
clothese.store
www.codysmobilemechanic.com
constellationhackathon.ca
www.constellationhackathon.ca
olhonocredito.consultashub.com.br
contactohidraulico.cl
gestao.corefinancas.com.br
docs.crimoo.com
bluete.dailyform.ch
mcg.devzphere.in
www.portfel.ebra.pl
english-mbti.com
www.errbits.com
feelchangebuild.com
www.fitnationbangalore.com
freytag-capital.com
arval.fullmec-chile.cl
spc.genesisvcs.com
girodogramado.com.br
helpresi.com.do
icashconversapro.com.br
dev.careers.apps.ignitesol.com
dev.recruitment.apps.ignitesol.com
call.insai.tw
internationalpainthouse.com
iptv-espana.vip
www.jactcell-assistec.com.br
jewishcolumbia.org
kaailo.com
kaitlyngreenvb.com
zigzag-bbs.kimpirakobo.com
kitkaton.fi
kultgo.com
kvh.vn
lilyderma.uz
starnuti.lpaladin.it
maketeria.com
panamericano.masterhotel.ar
metalogue.ai
shu2026.micongreso.com
topchef.mrspaulding.com
mycitymart.in
noviyzub.ru
oblivionimports.com.au
olamedic.com
onbot.com.co
one-more-hop.com
www.pixelhang.com
pttien9326.id.vn
backoffice.horizonte.qitech.digital
www.qzltech.hair
radardoclima.com.br
rchealthcarekw.com
rockriverbrewingco.com
www.sagardasgupta.me
saklyawelbeing.in
secretgardenapp.com
segunda-edicion.com
skj.life
xml.soluzi-one.com
www.sozacorp.com
srkinfratn.in
stacksens.com
stockup.my
www.termotech.eng.br
de.textarchiv.com
en.textarchiv.com
thammuucaqn.cloud
unimakerprojects.com.br
vaidora.in
admin.verseer.app
creators.verseer.app
weelo.versoft.fi
5g.vinoc.mx
voomly.kz
www.vorticemusical.com
www.vylax.eu
atendimento.zarpar.app
Other domains in certificate