82/100
SECURITY SCORE
Certificate Information
Subject
CN=auditorio.vendacolaborador.com.br
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
September 26, 2025
Valid Until
December 25, 2025
34 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
A6:DB:5D:C3:14:09:32:6B:F9:24:BB:9E:13:87:D7:DD:30:8C:7D:CB:21:D8:19:3D:9C:A7:9B:CF:AE:35:D8:0E
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Good
default-src; font-src; script-src; +9 more
default-src 'self'; font-src 'self' data: https://fonts.googleapis.com https://fonts.gstatic.com https://ka-p.fontawesome.com; script-src 'self' blob: https://uploadcare.com https://ucarecdn.com https://www.gstatic.com https://www.googleapis.com; script-src-elem 'self' https://kit.fontawesome.com https://*.firebasedatabase.app https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ 'sha256-gPjlli1HEdLlR0AZTY971/wQVOdSkl9mEinLnxrPpJw='; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://uploadcare.com https://ucarecdn.com; img-src 'self' data: blob: https://test.pensioenbij.nl https://prod.pensioenbij.nl https://pensioenbij.spservices.nl/ https://ucarecdn.com https://uploadcare.com https://assets.rekenmotor.nl https://firebasestorage.googleapis.com https://ssl.gstatic.com https://i.vimeocdn.com https://arclight.vimeo.com https://storage.googleapis.com https://europe-west1-pensioenbij-dev.cloudfunctions.net https://europe-west1-pensioenbij.cloudfunctions.net https://us-central1-soderberg-1c9f2.cloudfunctions.net; media-src 'self' blob:; connect-src 'self' ws: wss://*.firebasedatabase.app https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ https://*.firebaseio.com https://*.firebasedatabase.app https://firebasestorage.googleapis.com https://securetoken.googleapis.com https://identitytoolkit.googleapis.com https://www.googleapis.com https://api.rollbar.com https://uploadcare.com https://tlm.uploadcare.com https://ucarecdn.com https://upload.uploadcare.com https://ka-p.fontawesome.com https://europe-west1-pensioenbij.cloudfunctions.net https://europe-west1-pensioenbij-dev.cloudfunctions.net https://us-central1-soderberg-1c9f2.cloudfunctions.net https://api.openai.com https://pensioenbij-ai-service-514856867067.europe-west1.run.app https://pensioenbij-ai-service-589834615070.europe-west1.run.app https://pensioenbij-ai-service-732631674536.europe-west1.run.app; frame-ancestors 'self'; frame-src 'self' https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ https://uploadcare.com https://ucarecdn.com https://*.firebasedatabase.app https://player.vimeo.com https://www.quizbij.nl https://test.quizbij.nl https://www.pensioenfeestje.nl; object-src 'none'; base-uri 'self';
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- Increase HSTS max-age to at least 1 year and add includeSubDomains
- Strengthen CSP by removing 'unsafe-eval'
- Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- Add X-Content-Type-Options: nosniff
- Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- No CAA records configured - any CA can issue certificates
Recommendations
- Implement CAA records to restrict which CAs can issue certificates for your domain
- This adds an extra layer of security against unauthorized certificate issuance
- Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
Other domains in certificate