Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=vocatoca.net
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
November 07, 2025
Valid Until
February 05, 2026
84 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
1B:F6:57:11:62:B4:3D:20:D4:BE:9A:96:96:B0:F7:BE:92:58:D6:59:2B:40:C1:EC:0F:03:F6:02:E8:D1:6E:56
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
prismsolutions.app
21stcenturymuseum.com
aeiscal.3cket.app
auth.alla1n1.com
amora.finance
animalidentifier.app
applied-at-work.prod.appliedautonomy.no
appofweb.com
aurorasensor.org
borbasolucoes.com.br
www.cadconcept.pl
it.caldera.is
www.camsharp.net
www.caylerandsons.org
rebuyslovakia-backoffice.cbdata.sk
madsushi.clau.io
www.cleanbros.pl
club.partyon.co.in
www.cartvilla.co.in
tv.coibong88.org
hermiso.com.my
conceptc.net
crtvcapitalism.com
digitalination.com
drve-payments.digitalknow.how
djfk.live
dontpanic.tv
www.dramein.vip
drovier.com
x2a3.easyapp.co
xqkhukf.easyapp.co
xrt6om8i4j.easyapp.co
easyplanningpoker.es
admin.dev.coachingenglish.edu.vn
app.eesy.dk
auth.efon.io
enablequest.com
auth.eutopia.now
www.findmyai.org
flexfiteurope.net
flourishinglab.app
www.fussball-imposter.de
www.girlule-pro.xyz
www.glamour-story.com
www.goldrushcomputing.com
gotv.fi
dev.proizvodac.growtovchani.com
harrypot.lol
hip.world
india.hontru.com
www.i-j.fr
stock-management.interimadd.com
jsonfixer.online
permanent-make-up.juliabeuther.de
lapranders.org
www.madeint.fr
mathuraprasadintercollege.com
merchz.in
adminead.mindsidiomas.com.br
mitsuketene.jp
tuna.mmzk.works
gomoku.moonshine.tw
www.mycitysolutions.mx
profile.mynt.in
myplanetalliance.org
app.hml.ngtpay.com.br
app.ngtpay.com.br
www.app.ngtpay.com.br
omarwaked.com
superadmin.omnicar.io
docs.onefinance.pt
opentechbio.org
admin.origamigroup.mx
lg.origin.us
profinance-recruitment.co.uk
psimakers.org
puretoneixgames.com
rms.refillbot.in
fargo.rfkcentral.com
rosato.vc
infinity-code.ryoskate.jp
fan.ui.sceenic.co
www.siuv.ch
sonhar.cloud
sthenryschool.in
www.pay.straetus.app
studiouno.io
bodadelgadoarguello.swanmoments.net
reportingapp-prod-smbt.synth365.com
leadhook-cdn.synthi.xyz
menu.tera.cafe
thinktank.finance
toiware.co.jp
app.travelogueit.com
unitedleadgen.co.uk
auth.vendai.digital
www.vishalmishra.in
vocatoca.net
veyron.x3d-ai.jp
config.thermosense.zchoolmate.com
Other domains in certificate