Open
Cached
·
just now
80/100
SECURITY SCORE
Certificate Information
Subject
CN=blog.josemgomez.com
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
October 06, 2025
Valid Until
January 04, 2026
56 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
BE:6B:8A:E8:18:75:15:CE:A4:11:71:7C:CE:6E:7F:2A:69:90:C3:E0:A9:87:F8:EC:88:D6:15:3D:87:0D:69:C4
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Missing
Not configured
Content-Security-Policy
Basic
script-src; object-src; base-uri; +3 more
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Present
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
Recommendations
- • Add Strict-Transport-Security header with max-age of at least 1 year
- • Improve CSP by adding more specific directives and removing 'unsafe-inline'
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
preprod.links.fhhealth.opnte.ch
20224863.id.vn
lakeshore-roomplanner.3dcloud.io
staging-manager.allindex.nl
www.amass.me
webformsstage.anthonynolan.org
rgn.energia.app.br
appvertising.co.uk
arbsq.com.br
architex-solutions.net
hr.automattor.com
m.serviceapp.bmw.be
bo.brad.ag
brandonkennedy.me
www.buffalocityapartments.com
www.carlospratt.net
www.carteiracontabil.com
maze.cathand.app
www.smmile.co.bw
www.cocoonbeauty.nl
code-snap.de
www.svey.com.sg
www.app.contentoh.com
ddiservices.org
kwd-honatsugi.for.dinii.jp
www.dmendoza.dev
www.donwewege.com
www.droidinfinity.xyz
beta.dylomo.com
admin.eaglesecuritybd.com
campus.cfp2caba.edu.ar
inthechat.elevation.online
app.emme.com
naturgutgmbh2.backoffice.emporix.com
datasets.filecoin.io
www.foodandmill.hu
www.frerestoque.fr
tunnelrush.games235.com
www.gotcooler.io
nest.iwiz.in
www.japan-oripa.com
jfpa.in
blog.josemgomez.com
dev-auth1.neuron-dev.keurig.com
lawyersforkamala.com
www.lecanary.com
leshemart.com
www.linksport.pt
quanlynkng.loctroi.vn
myplace.lovable.solutions
www.maledifresh.co.za
marketindustrial.com.ar
www.intermediarios.masseguros.pro
maxtorque.kr
www.mdpx.xyz
store.momoapp.vn
mou.digital
fnpriambudi.my.id
checkout.stage.neoufitness.com
www.nicdistasi.dev
www.oneglobb.com
s.datos.org.co
pandoratrans.com
parketidm.bg
mostevents.parq.run
demo.partnerhub.co.za
paytoplayathletes.com
refer.peartech.in
www.prepmedecine.be
www.psas.vn
natistagram.radek.website
reused.green
auth.mx-tickets-staging-alex.robinheat.io
sandbox.runllm.com
www.sagarchasmawala.in
samanthashulman.com
www.scottsdale.events
seminariosllavona.com
simply3d.io
link.sniip.com
bob-loblaw-trust.blaze.solerabank.io
srchy.com.au
www.taxbolster.com
ecom.tintoc.vn
test.toobzgaming.com
tundepolonyi.hu
workroom-dev0.typex.kr
u-dox.co.uk
www.vaishalisharma.in
valentinstamate.com
staging.vetvise.com
www.victorbogdan.com
vinettaproject.com
volttisolar.com.br
voypost.com
www.weboftalents.com
oauth.ws-svc.de
xiaolianglin.com
yllixgashi.com
zeynepmode.com
Other domains in certificate