Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=staging.webtest.oab.debolso.com.br
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
October 18, 2025
Valid Until
January 16, 2026
51 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
DF:FC:16:7A:4F:B5:FD:AA:56:AF:A6:44:10:C2:C6:12:59:C4:08:F3:6B:3F:32:95:15:9A:15:61:57:15:DF:59
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
onuralpavci.dev
www.1stmarinecorp.com
abuabdou.com
www.abuabdou.com
app.airteam-services.com
auth.google.alatelecom.com
alttab.rs
theatricalgroup.armenian.ca
nagapattinam.arnidroptaxi.in
beaktheapp.com
www.beaktheapp.com
www.blocksimmortalizer.com
www.borderstatus.com
brzpay.com
www.cadtouch.com
moncompte-outils.cafedemarie.fr
www.casesuriartemedhub.online
ciceros.it
app.do4me.co.il
www.programmingmentor.com.ua
www.cremeriavalleverde.it
davesdrywallandpainting.com
staging.webtest.oab.debolso.com.br
duan.li
edgevideo.ai
www.edgevideo.ai
www.emadideen.com
enclaveai.io
engineeringyoutheducation.org
enuid.com
farmtrackpro.com
boa.forja.cc
auth.sso.framelunch.com
admin.furwoodd.com
genui.ne
gephra.com
www.gephra.com
saoluiz-saude.guiasaudemais.com
heavenorhell.space
hellogaspy.com
platform.dev.hero-workout.com
niceshop.in.ua
applink.indiatv.in
innerproyect.com
ownership-pre-loved.johnfowlerholidays.com
kitchen.rodeo
knowlex.ch
www.kultivoia.com
www.lammpee.de
lamoretta.com
lysogenicgames.com
mahsua.com
www.marketingprint.com.co
chefcost.mastertechteam.com
www.mecanoglobal.cl
www.mfstartups.com
www.mikcsabee.com
www.mojemate.cz
mrdishant.in
interview.myproxi.io
studio.myproxi.io
nathandevelops.com
www.nativealien.co.nz
app.naummi.com
www.newworldtravellers.com
ningtamba.com
www.pearlsoftworks.co.za
demo.pensioenduidelijk.com
permisosylicenciascopalillogro-gob.mx
prominenthire.com
rainfield.kr
app.receiptq.com
staging-widget.resbutler.com
automator.retailrocket.app
music.rubyred.au
ruralcred.com
link-test.sendycloud.com
sensible-trades.com
www.sensible-trades.com
ampersand-dev.sequoiacap.com
procaller.sherdeepai.com
sweetys.mx
invitation-service.tadatada.com
www.tcsappts.com
www.terencekruger.com
tomarsuraj.in
dev.towpro.io
www.tryaffinify.com
urbanianmistri.com
www.velocitytalent.com
venvarsoft.com
www.veronapride.it
versacegroup.au
vebooking-link.vinci-energies.com
vuelamerica.co
klanten.weloveoldtimers.nl
whirry.kr
youraiteam.ai
www.youthrally.org
focuspet.zavislab.com
Other domains in certificate