Open
Cached
·
2h ago
77/100
SECURITY SCORE
Certificate Information
Subject
CN=www.roberto-pantoja.com
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
October 01, 2025
Valid Until
December 30, 2025
48 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
01:B0:9C:4F:D2:24:FE:F9:48:51:EF:52:7F:BC:F4:45:90:11:80:EC:55:BF:53:7C:B4:C5:F0:D6:0D:C8:3A:66
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
openfooty.org
asteroids.115room.com
app.actionstrategy.org
akhmatovafilm.com
me.allmembers.org
d.alp.cr
alpha.apxor.com
www.arete.li
artkom.dev
austriacreativecompany.com
research.balm.ai
www.uniform-numbers-mlb.baseball-connections.com
innovaturba.bigjonan.com.ar
resume.billinger.me
kalender.blaulichtplaner.app
biconomy.blobscriptions.xyz
portal.chaser.io
www.hermiso.com.my
www.mastertrain.com.tw
jcetcheverrydespachante.com.uy
dclawnpro.com
pts.dev.br
www.diegofcoluna.com
phr.easymrs.com
www.entireacademy.com
www.etis.app
www.evernest.io
www.app.excelrecon.com
fixmyphone.shop
front.flowmanager.ro
getautomate.app
hobbydbscan.app
to.iamprompt.me
shop.it-karl.de
jbaa.club
www.joeyynchan.me
www.jojijoy.com
www.julebobler.no
backpack.k12ahisd.net
www.keenmobiledetail.com
www.khanakhata.com
www.kingsconstructions.com.au
laniakea.laniakea.tv
liam-watson.com
www.marinadecolon.com
michalkukla.pl
moto.mindofmatthew.com
survey.momofingo.com
www.mouldtechsol.com
mrbeez.buzz
ronyaprianto.my.id
www.iqblnrkhls.my.id
www.mywellth.app
nhonewaycabs.in
beta.nurseid.io
oddityparadox.com
infosindical.sistemafaeg.org.br
ottoschool.org
www.payproxy.io
pay.pfstaging.xyz
stage.triunfo.photofied.tech
physiobalance.fit
app.physofia.com
www.precisemarketingco.com
pretentious-o-meter.co.uk
visor.quattrocrm.com
routes.raketten.net
cms.re-cognition.online
onlyoneof.re2fe.com
stg.epex-album.re2fe.com
www.remedi.app
v1.ricardosandez.com
www.roberto-pantoja.com
app.rolloverrep.com
runningsoftware.systems
serume.org
blog.shoplystr.com
simgepanjur.com
drive.smarty-app.ro
get.smexapp.com
solutionsfptb.com
spaziovettoriale.it
www.spaziovettoriale.it
sumitsir.in
bodagrijalvasalinas.swanmoments.lat
swiftdoc.com
tgt.tgt90.com
www.thefaxfree.com
thincera.com
plan.travelli.nz
www.truzen.com
www.ucsdgradphotos.com
www.uniconyx.com
dev.usecatch.com
wallofpositivity.com
wecycle.io
docs.smf.telema.whitecloud.jp
www.worlddevelopmentfoundation.net
productie.zagenzagen.nl
emeal.zh11.ch
Other domains in certificate