Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=www.angelcareaga.com
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
October 03, 2025
Valid Until
January 01, 2026
39 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
85:80:58:D0:57:3A:63:43:41:75:83:AB:18:5F:DE:01:55:5A:2E:70:69:D6:F6:DB:E2:B5:1C:79:D6:60:D4:0D
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
www.superpenguin-finance.com
1f8.co.jp
www.aiawareapp.com
andreiweber.com
www.andresarriagasrl.com.ar
www.angelcareaga.com
op.aniketkadam.com
drops.animalroyale.com
www.aniruddhapandit.com
www.ankusoft.com
blog.anonacy.com
anrongchoi.com
antoniosimonetti.com
applepromonthly.com
gallery.applicotsource.com
appscodehq.com
documentation.appsonair.com
aqnllamo.com
archerious.com
agency.arkforge.net
asopampach.com
www.asopampach.com
aus-iot.com.au
firebasedev.belk.com
brprocess.com.br
ma.bsf999.co
ceylon-odyssey.com
chandayu.com
www.chandayu.com
choreoplanner.com
intentic.co.in
www.intentic.co.in
contadoraeliane.online
contadoraeliane.store
almargas.dataprop.cl
new.datavision-online.eu
devsports.co.uk
dradhd.ca
wise-survey.e2community.org
dhemsparakkadavu.edu.in
emanuelxavier.dev
dev.etisone.com
harshal.etisone.com
app.fud.coach
gexotech.xyz
login.gklearnstudy.in
healthamaze.in
www.heartheaded.de
www.hiphoptimer.com
ultra-beta.icompass.ai
technical.igeddit.ca
www.inventarix.com
showroom.jacquemus.com
jocki.me
jonathanwon.com
joshowatrading.com
kalospoon.com
labanczagnes.hu
laurafrainer.com
store.layers.education
leahjia.com
maiayoon.com
mariabalaet.com
marlinmaster.com
melvynglobal.com
www.melvynglobal.com
www.midirautomation.com
admin.muzigen.net
nekostagram.com
mslabs.net.in
notethings.com
nozleesamadzadeh.com
admin-user.oarol.com
personalists.com
www.pikaleads.com
playdicehard.com
prog-sol.com
pryzm.one
www.qataroutletexhibition.com
www.rapidtests.io
staging.www.rowdybrands.store
www.royalnatural.net
selfcontainered.co.uk
sixsides.io
mail.softwarewagon.com
solidcodev.com
solotrade.com.br
void.solotrade.com.br
www.splxit.com
www.trivinn.com
dressing-room.uwucrew.art
www.vapealicious.us
viasalus.in
vocchi.me
buzzwordsearch.voxelcubes-games.com
cocospuzzlequest.voxelcubes-games.com
wumbleopus.com
wydwarlock.com.br
app.zenflowchart.com
www.zivotopis-snadno.cz
Other domains in certificate