Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=app.minervaimoveis.com.br
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
December 01, 2025
Valid Until
March 01, 2026
88 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
75:6B:B2:4D:D5:0B:28:22:7A:DF:64:7F:68:3A:7E:99:5A:CA:18:DF:B8:7A:1C:4D:DF:1F:9C:DF:2A:F9:E4:79
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
onemovie.jp
4datbnb.com
www.a2vcabs.com
acceleration.solutions
www.aeodonto.com
wgapp.alles-n.eu
test.appteck.de
admin.arketiks.com
arounds.us
accounts.ascoa-cm.org
opfikon.avdis.ch
admin.dev.beefast.eu
branchedhq.com
partners.branchedhq.com
www.core.cambri.ai
examgrader.studytube.co.in
intekelektronik.com.tr
firebase.workinghouse.com.tw
www.conectacidadaoapp.com.br
criticalslash.com
sharkkid.crowdpigeon.com
data-reno.com
tichka.essaouira.eco
evan.kim
evengo.space
swip.admin.flyingpotato.de
www.girasoleftv.com
www.googleoperationscenter.com
www.gp-rh.fr
mastery.guillaumeisabelle.com
cdn.gyerunkanyukam.hu
www.haibane.dev
hamrohelp.ai
w11.haraldssons.se
hecareswecare.org
pre-usuarios.infolibre.es
app.test.introist.com
ooo.isso.ooo
app.jakubstellner.cz
joshcrackers.store
justinduross.com
prof.kimeye.kr
www.soul.kujeera.com
www.lavava.com.br
www.lingify.co
lmao.fail
www.luckle.co.jp
magyul.app
www.merakistructure.com
app.minervaimoveis.com.br
budget.musicdatalabs.com
hayyaalalfalah.my.id
nikkiricks.dev
jarvis.nishkal.in
data.misueldo.o9.cl
okolo.it
nagapattinam.onewaytravels.in
staging.app.pave.com
admin.petalslaserlounge.com
pipasscrapbook.pt
configurator.pixelsucht.net
biz-assist.pradeeni.com
onpetro.produzza.com
proteletax.nl
portal.psybernova.com
rallyfeed.com
rehabilitationspsychologie.at
remotecopy.io
www.rngdng.de
rohitmaddiboina.in
www.roommatedecor.in
www.safe-helmets.com
saveriafineart.com
scorecredy.com
www.shahcopperpipeclassaction.com
app.simaocorretora.com.br
portfolio.simonesanfilippo.online
www.simonesanfilippo.online
singlephoto.com
volcan-xa.sky-boy.com
link.slumber.fm
chat-test.smartmation.com
www.es.speakingathome.com
bodaespinachoi.swanmoments.lat
www.tangobaile.com
www.tatamatkabazaar.com
www.techridge.co.uk
utilities.thetechnicalfist.com
theworldsoccer.com
tleilax.com
torontoinnovationlab.com
www.torontoinnovationlab.com
awake.tr1ckyf0x.dev
traceflights.com
travelhop.io
tripsplit.io
unormous.com
usuathleticscamps.com
www.usuathleticscamps.com
share-stg.yoou.com
Other domains in certificate