Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=www.gestao24h.com
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
December 24, 2025
Valid Until
March 24, 2026
86 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
24:0B:E5:25:4F:B5:AC:D3:68:5D:B1:CD:9B:99:3E:58:0C:4A:27:28:23:F3:E8:0F:D8:9E:F2:08:0C:F6:19:42
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
moquji.com
firechat.10cyrilc.in
staging-3diq.3diq.com
www.aledesignvfx-studios.com
www.alextomkins.ca
aspirin.io
testversion.basedon.se
bencoded.dev
tsvunterhaching.bfsp.app
www.birraduria.de
www.buildingrenovationsolutions.ca
www.calonic.com
ceroc-adelaide.com.au
cintamani.gold
www.cloq.app
www.clubqvt.com
staging2.coherentpath.com
cyphercam.gg
share.eatology.io
www.elrincondesita.com
links.enerbit.app
links.eurus.network
www.excelexercises.com
www.ficalapps.com
firth.cc
fittracker.app
www.flying-boxes.com
static.friedsynapse.com
www.gestao24h.com
www.mariage.hillou.fr
hospeasy.com
imaginasheen.com
www.india.org
hub.inselo.com
integrityautophx.com
marek-anastasiia.invito.link
shop.iry.golf
jagbot.group
kevinvuillemin.com
khosrowshakibai.com
kamera.notifications.kohl.app
www.kubedb.com
leavenstee.me
lookatthismenu.com
madcheese.de
www.manglishcsi.com
dev.mdptconnect.com
medbillingdegrees.com
myconsult.play.medeintegra.app
www.mergim.dev
mesbro-designs.mesbro.in
metdist.com
www.mlynaric.cz
www.mwdsocceragency.com
www.myfittrip.com
auth.naranggo.com
nathan-morrow.com
ngkey.net
pipeline.nkportfolio.com
nkstradingtricks.com
www.nuboservo.com
www.oceanridertenerife.es
go.ohcleo.com
www.oliveinnservicedapartment.com
predictor.onthepontyend.com
app.ozaniskilibli.com
protoleus.com
share.pslove.dev
www.radlab.zone
www.resultcode.nl
erik.riedel.wtf
shortcut-remote.riedel.wtf
connect-ng-orders.rxoconnectdemo.rxo.com
savitechllc.com
www.scaleknot.com
screensyncer.com
seoulgoodcare.com
seraph-cms.com
simonbouchard.fr
sitapp.app
www.streamlinity.com
sunspots.eu
beta.synthfeed.com
tanumanascans.com
my.eu.ternary.app
call-staging.testive.com
www.thebascostory.com
andromeda.staging.thechefkart.com
thehomekeeper.co.uk
trackmyexpense.in
pianoforti.traslocoperfetto.it
triedstone.ca
wodcrossjm.turnosweb.app
www.vcf-file-merger.com
developer.vetspire.com
vikitchen.ru
auth.vinnie.app
buspass.vn.ua
yottabytes.ai
app.yourphysio.in
Other domains in certificate