Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=cesarnorena.com
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
October 24, 2025
Valid Until
January 22, 2026
69 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
43:D3:69:A3:BD:AD:75:B3:65:33:FA:D0:E8:75:BB:2D:D5:37:25:19:44:43:04:83:0D:33:24:F4:3F:84:70:16
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
yshsafety.com
pix.2rpay.com.br
3dhandscasting.com
live.agencia352.com
invite.hillel.aimpact.ai
portal.akscrackersagency.com
www.andrepasquali.com
www.arandu.academy
billsreminder-auth.ascent24.io
axerapy.com
dev-www.beerawardsplatform.com
prod.app.bioledger.io
www.borisgauty.com
www.brewzinga.com
budgetburndown.app
avk.cammetalapp.com
cesarnorena.com
chushki.com
dev-pro.colavosalon.com
www.colonoslashigueras.com
api.prendamas.com.bo
www.kiranuprety.com.np
www.oymakgroup.com.tr
ctcs.app
www.cutiesbistro.com
magnetar.cycraft.co
royalflowers.dbateknoloji.com
www.digicolony.com
www.domoticacreativa.com
dotadraft.app
www.drmarwaelaraby.pro
edg-studio.com
peddlar.edlin.app
app.elniple.com
emi.moe
preval.exploredata.app
energies.fiyom.com
www.equitax.fiyom.com
share.furt.money
carrito.futuralabs.io
headmin.com.br
helpbuy.app
www.highapps.am
simulacao.holu.com.br
apps.hyloca.com
www.ibsyn-scientific.com
www.ichefy.com.br
cloud.indriks.com
app.kantahome.com
kencrites.com
www.krazimo.ai
bravo-yankee.lajoscseppento.dev
divided.lekssoft.com
articles.libertytips9.com
www.limitlessbeing.xyz
linds.world
www.lingobridge.app
locapartner.com
www.loopfinance.com
demo.looppanel.com
losbrutosbarbearia.com.br
affco.m2x.app
demo4.mmevent.no
mytopcard.app
novecentoventi.it
www.offerarcher.com
orderlocal.app
patchgame.pinaxproject.com
pirkkalankylatalkkari.fi
m.proginelectricite.ch
payexpert.qburst.in
qyn.app
rdj.app
predict-demo.re-ynd.com
hello.rello.co
driver.ridezum.com
rodolforamosalvarez.es
www.saiki.lol
jvest-alpha.servicecraze.com
www.shinefunctionalmedicine.com
shopsheet.io
m.siply.in
spolo.smagai.com
sgk.softech.cloud
softuniverse.com.au
admin.soincon.es
rainbowcone.sqwadhq.com
storytrain.org
straetus.app
dashboard.tansy.app
tarongors.es
www.ten2ten.io
tom.cash
ghs.topic.com.ar
www.urbandens.co.uk
inspector.vapta.co.uk
auth.voexa.com
now.waw.pl
wordslink.in
workinout.app
Other domains in certificate