Open
Cached
·
just now
77/100
SECURITY SCORE
Detected Technologies
Certificate Information
Subject
CN=www.bancoperola.org.br
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
May 02, 2026
Valid Until
July 31, 2026
89 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
C3:9D:2F:9C:CD:15:DB:4B:DC:64:BB:C8:BA:62:62:0A:7D:1D:0A:49:7D:80:28:95:B4:36:8C:4E:52:A1:A7:D5
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
oxygenincluded.com
aafdl.3cket.app
aaualg.3cket.app
adikogroup.com
link.afs.sh
aikam.ai
www.allaboardbitcoin.com
link.allinbiking.com
amillionpizza.com
anpv2417226.id.vn
template-stg.appelent.nl
ask-konsultan.com
autoskopen.eu
www.bancoperola.org.br
web-dev.barbr.club
www.bestgolfcarts.ca
biatalab.com
boltzmann.co
www.bonjiartworks.com
event.boosteron.co.kr
builtinvestments.com
camsaimscs.com
cardioexames.com.br
chadronstatesportcamps.com
www.cimtcollege.edu.in
comspense.com
invite.consentio.co
www.contabilify.com.br
crateos.ai
www.customcreativecrafts.com
damaxbarrie.ca
esg.data-insight.biz
designretailco.com
dheerej.com
domdemon.com
www.domind.app
test.easykasa.app
acompanhamento.ecbsistemas.com
ellispickleball.com
eta.emiconnect.web.id
endurup.com
enwrapt.co
uat2.equix.app
euro-compass.com
blessedcoast.festivall.ca
www.firelise.com
fuckingnotes.com
fb-ctt.gestao-frotas.pt
getcheckmat.com
gfgrkgit.club
gimnasion.com
admin.glowbyanelisa.co.za
haugaardian.com
hecht.app
hinasupermarket.com
little-hooves.horseriding.app
ipscrcsaludytrabajo.com
istanbulcekiciyolyardim.com
javierslatincuisine.com
jona-love-nico.com
josepromanim.com
kit2.games
kwenaphora.co.za
lavvasca.com
lealtapp.mx
app.lepremier.com.br
design.logibud.com
masterhuntconsulting.com
www.milesmile.app
mrkim.ai.kr
n29cdmx.com
nguyendinhhung.id.vn
www.nishinoyama.net
no-filter.app
www.observatoryzed.com
understone.portal.orwi.app
patterndy.com
merchant.paynowafrica.com
pertrain.ai
www.probemgestaocrianca.org.br
habits.rareyes.dev
ecommerce.reso.vn
saminternational.online
samuelhunterstewart.com
sandringham-darlington.co.uk
deskclock.sanjaygangwar.dev
www.shiroye.com
skyfinstudio.com
solvius.co
cdn-calculator.sonicrocket.be
techready.live
thebibleworld.org
m.timbermaps.app
app.topgeo.ai
transparentcampaigns.org
www.bus-dev.transvision.nl
videogamesupercrossseries.com
admin.qa.tk.videolink.app
www.world-clock.com
zebax.ba
Other domains in certificate