Open
Cached
·
just now
77/100
SECURITY SCORE
Detected Technologies
Certificate Information
Subject
CN=www.magistral.dev.br
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
May 01, 2026
Valid Until
July 30, 2026
88 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
15:05:1A:2B:6F:27:0D:3B:3D:D9:F9:5E:01:C9:FA:AD:B0:5C:E4:5E:D3:20:A2:89:E3:CC:8D:53:B0:A8:09:16
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
ponafolio.ch
aistandards.foundation
akarus.us
alpsadmin.ch
www.amanafund.org
www.angeli.dev
sirh-demo-app.aquilapp.dev
astrosajwal.com
terms.atos2.co.kr
postofficescoin.af-south-1.aws.aurosoftware.net
ireland.bacreate.eu
wrft.static.barracks.gg
bluckfamilyhistory.belgray.ca
dev-mobile.bestwallet.com
www.bewell.ge
thechickensandwich.clau.io
claudialassoescritora.com
clipper.clipp.app
codesnip.xyz
cognocore.com
cosmeticolabs.com
craftbyte.net
app.crmvoro.com
crowsstudios.com
ct-consult.org
decorostories.online
app.defenxor.com
www.desertmermaidaquatics.com
devops.dev-ltl-xpo.com
www.digitalismo.cl
dnkremodeling.com
www.expressdecision2.com
www.factorseis.com
familyday.org
support.filterize.net
cash.fortedentgroup.com
geethcurtains.com
globalpremiumstone.com
app.gmelius.com
pay.gametime.gr4vy.app
www.greycolorme.com
www.gulayozkececi.com
h2rsconsulting.com
hakanyuksel.com
creative-demo4.hisy.in
hoangviet2629.id.vn
letsplay.icekode.com
flotas.ignis-projects.com
ignitedbrandz.com
link.ilikelm.com
careers.industrial-ia.com
www.intothewhile.fr
app-vitalii.invesacapital.com
isnap.info
www.jasonisapedophile.com
www.jillcrowehair.com
journeypilot.ai
link.kenect-dev.com
klondikesolitaire-online.com
landdealer.net
lawrencevillebingo.com
www.coin.leful.com.br
lily-is.online
lonestarmasters.com
www.lubavasilyeva.com
www.lvp.mx
lyceum.so
www.magistral.dev.br
www.mahalohq.com
mdrcobrancas.com.br
www.med-sim.app
admin.narratify.ai
negabeth.com
noodlestreetlabs.com
tools.nosy.agency
parksinstalls.co.uk
pdcollector.com
plussixfive.life
politecacrylicpaint.com
www.previewlink.web.id
timesheets.proacfacilities.co.uk
rakesfieldandpeach.com
www.rcloud.co.nz
rdtp.org
app.shiftifier.com
singinglessonsderby.com
soscentroeletronico.com
splitx.in
strozu.com
www.synlig.ai
technity.dev
thefirstfaultline.com
tiktokgraveyard.net
tryme.page
tycoonautos.co.uk
vtes.global
watchfaceslabs.com
dev.woodstock.club
calorieai.yantostore.com
zeetutoring.com
Other domains in certificate