Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=juanmartinlucero.com
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
December 22, 2025
Valid Until
March 22, 2026
86 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
56:88:BE:83:33:E7:DA:80:29:03:AD:47:B1:E2:69:0E:27:03:A0:A8:D2:E5:42:19:01:DF:02:7A:4D:D7:7C:13
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
samkeel.com
www.aegle.us
links.akeneo.com
weather.andychien.me
tickets.anneau-du-rhin.com
tutor.avimukesh.com
www.ayazbaig.co.uk
babyactivityguide.online
bestwishes.ng
life.bpm.app
caconnyconstruction.co.za
samantha.chekt.com
test.cirquitcirqle.com
dev-policy.colavo.kr
www.qevo.com.ng
conversationalweather.com
cyphervine.com
dabbavala.com
webmail.daygroup.ca
app.discoversooner.com
www.dustinbelliston.com
ads-buddy.elpixelista.com
fidooo.com
freestylearena.it
www.futbol-akademija.com
garden-tracker.com
devfest2018-beta.gdgnantes.com
giganetbo.com
giuliopretis.com
v2.admin.gogokids.my
www.greenlandfoundation.com
handzbook.in
harshavaliveti.com
horoscope-fusion.com
www.howtotalktowhitekidsaboutracism.com
www.hunnywear.com
www.ibohive.com
scc.icwd.co
demo.idmx.io
www.imaginaru.com
www.indgoinc.com
firebase.islam-answers.com
jakeholmesdesign.uk
jiro.gg
edit.joshuastearns.com
juanmartinlucero.com
www.staging-sic.k-9apps.com
www.keithito.com
khatargulf.com
www.kianajoon.com
lamprell.knownuggets.com
komfortnyodvoz.sk
www.kubby.app
laplandairports.fi
leadership42.com
logx.no
www.lovemojos.com
marcosluiz.com
masaze-terry.cz
metapoly.love
mmevent.no
mookambikaexhibitions.com
mydiary-bloodpressure.com
nammaapprovals.com
navez.net
app.nearfund.com
theo.nejokey.se
www.nesphysiotherapy.org
ninosyomo.com
express.onii.com.br
www.openteam.io
staging.app.orally.network
www.other-languages.com
admin.pidra.ph
www.pracakomisja.pl
www.preburro.com
events.acc.rallygo.eu
dashboard.rumo.co
admin.sagolink.com
cms.salgskernen.dk
sandwish.app
shiningbuilt.com
shmartsev.ru
dev.super.shoden.ai
www.sneedstudios.com
sofiadevsoftware.com
www.sofiadonovan.net
auth.soywibo.com
spiceroutejourney.com
steadymoon.com
link.supermarketsgalore.co.uk
joinus.taporty.it
portal.tdsfidu.ch
www.team-poker.app
trato.studio
help.trbu.app
twsila.tech
uniint.app
www.vmathieu.dev
staging-express.yepic.ai
Other domains in certificate