Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=asterixkombat.it
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
October 29, 2025
Valid Until
January 27, 2026
57 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
35:71:B8:0D:D4:72:68:D7:63:60:DA:B1:46:0A:0F:E8:47:F4:CC:58:B8:DA:D2:A8:09:55:90:54:DB:37:D1:F6
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
adamaintenanceservicesltd.ca
2009.bloggies.com
www.advertisingdata.com
akoura.aisfg.com
akoliyagroup.com
almapinturas.com.ar
ang.ar
arab.apayrus.cc
aptitudelabs.com
ahorro.arvfinplanner.com.mx
test.arvfinplanner.com.mx
asterixkombat.it
beit-solutions.pt
bgt-family-fitness.com
card-table.bjoernveit.com
www.bloom-st.com
www.brownrunningclub.com
buildinggroupsurveys.com
chinesein10.com
www.cipkg.com
www.powerpoint.co.il
suvidhamart.co.in
doctor.afya101.co.ke
kisaki.cotori.cc
lunchroulette.cyberlago.net
dairygoatmanager.co.uk
diglosfera.com
www.dnmmaintenance.com
www.dorodango.hu
www.equipcar.net
www.ermplanet.com
stage-order.farmacare.dev
app.fatherroyal.com
fetanx.com
www.fine-artis.pl
flowmasters.fi
dashboard.foudroyer.com
getsegno.com
hackettlab.org
halalcoders.com
www.handzon.ca
www.hcwatches.co.uk
history.hdu.help
herosahko.com
www.herosahko.com
highridge.app
www.hypnotize.nz
instantdiff.com
jcid.co.za
mahjong.jt501.com
zebrabox-dev.keynexis.com
www.closer.lawlabs.ca
www.lelije.et
www.lmfi.co.uk
staging-app.lutzlotte.de
manfroiweb.com.br
p.maxxus.nl
www.mckcontractors.com
nicebucket.medianochelabs.com
donor.mframe.ca
joinnow.milifestylemarketing.com
www.msexceltraining.ie
mychekup.com
myels.space
www.myopatterns.com
nicobonora.xyz
noobor.com
podcast.overbuild.top
pasivniprirodnidomy.cz
cus.pnv.vn
dashboard.prezcall.com
www.ptyconsult.com
app.qualimi.com
ramanasresidency.com
www.dev.randivoo.ma
senlu.kr
app.simpletrain.ch
dev-static.sompo-de-noru.jp
www.spaceresx.com
www.stage.ssmt.app
www.sstinc.jp
bodadiazvillalobos.swanmoments.lat
bodapaolayjose.swanmoments.lat
thevangoghstudio.com
medone.timee.com
l.tinka.nl
tintegra.cl
skitrac.tractivity.cloud
auth.vectorminds.in
www.venture.zone
hook.videolink.app
www.videoworkwiki.com
wander.live
www.warcomposers.co.uk
login.app.weje.io
whatsyourlist.com
www.whattosay.kr
developer.wink.travel
dev.woo.network
yukukuru.com
Other domains in certificate