Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=agroavanco.com.br
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
October 29, 2025
Valid Until
January 27, 2026
64 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
E0:0C:40:68:F6:B2:6D:18:EF:51:CA:56:D9:11:0E:4C:20:71:67:72:27:E2:90:4A:AA:B3:CD:9E:3E:65:D5:A1
Alternative Names
Security Configuration
TLS Protocols
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
www.charmingbeauty.eu
blacknotes.0fredesign.tech
keeper-app.11c.kr
school-of-employability.gnkitm.ac.in
soe.gnkitm.ac.in
command.adionatech.com
wga.adv.br
agroavanco.com.br
demo.latinx.ai4b.mx
aiprofolio.com
letsplan.alexandermasud.com
auth.b2.aporeldele.com
www.autodrop.ch
beginu.life
www.bigwav.app
www.brainn.net
beta.budgetforecast.app
abc.bytr.xyz
manager.staging.castingapp.com
bank.change4time.org
dev.chaosolymp.eu
www.charming-tour.com
docs.codelin.vip
codemind.dev
app.codingbar.ai
collagemaker.uk
app.cosmoscr.in
portal.dataholds.com
video.drivecloud.com.au
www.edim.app
excelal.com
farzan.io
app.fcgroningen.nl
talks.filmivast.se
www.freelock.es
app-staging.getmida.com
4f-react-stg.goodylabs.com
admin.grid.studio
gs1story.gs1it.org
app.happywheel.fr
yd7ds3gizyo2ie3i.test.no.isnot.info
admin.jardimblauth.com.br
www.jdwireartstudio.com
evestai.jingjietan.com
kaparis-angelos-psy.gr
devfun.kekkle.nl
khunjon.com
links.staging.kontolink.com
daniele.lepetit-pisson.fr
www.lightsync.app
www.limsza.co.za
ytv.liveqa.jp
www.loanadmin.app
www.lostmu.wiki
app.luqra.com
malinastore.store
www.marianapparition.net
maxmcg.net
microfilm.ai
mikatux.fr
www.msasoftwares.com.br
www.mskhrsolutions.com
status.myrealfood.app
naprawabram.pl
www.neoma.cloud
assess-v2-dev.nside.io
www.overengineered.ai
patizan.org
portal.perfectlimosystem.com
game.pieterlinde.com
www.pimmia.pt
pixelweb.app
app.propertyfirst.co.uk
prostylebarber.ch
www.quantanal.net
auth.rajascafebar.com.br
demo.seekapp.eu
www.sfhardwaresuppliers.com
www.shipzzer.com
expert-staging.smartplant.app
spyfall.me
staige.org
bodarosamarenco.swanmoments.net
techsolutions.onl
silphium.testing.ly
timkay.us
www.travelumrah.co.uk
vikingos.turnosweb.app
www.tylerkucera.com
app.ucoachugolf.com
nutrifisio.v8app.com.br
vat35.online
www.verfidaccount.com
staging-ops.washdoctors.co.uk
www.worshipcommunity.music
www.yukalizola.com
yumdices.co.uk
app.yupay.info
test2.yupay.info
link.zeno.ltd
Other domains in certificate