Open
Cached
·
just now
80/100
SECURITY SCORE
Certificate Information
Subject
CN=www.scienzaludica.org
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
December 03, 2025
Valid Until
March 03, 2026
89 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
38:BF:D0:05:78:F6:78:C5:C7:F7:90:0E:CC:AF:81:06:93:08:3D:5E:B2:7B:E0:19:24:4B:3A:B5:0D:1E:53:6A
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Good
SAMEORIGIN
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
admin-staging.eql.ai
www.5bits.it
www.allaboardalliance.org
www.ashfrrd.co.uk
astrumgames.com
muybien10.aula365.com
baseed.co.jp
www.besanfra.com
risound.bluesapience.com
demo.bosscool.be
www.caamt.org
www.carfortest.ca
citrusclean.cc
backoffice.lab.cloudintercorpretail.pe
csiadambakkam.com
tools.cutinobilance.it
gudbooks.danimoya.es
www.test.devprestigeride.com
www.doq.chat
www.doskai.com
ecchi-code.com
www.eelclip.com
testnet.ensuro.co
testing.envisiondj.com
beta.ert.credit
fein-guad.at
donboscogent.flockim.com
freshness.be
gadiamonetaryfund.org
online.gatewaymarriageconference.com
links.golkee.com
www.grasshop.co.za
gtsol.net
www.gurayyilmaz.com
login.hardylingerie.com
hellocupcake.co.uk
http-javadoc.hertsstack.org
summer.hexagongames.in
hfrisk.org
hrautosolutions.com
humanoidmash.com
jadibooty.us
kartiny-i-ikony.org
kelvinsight.org
status.kenlo.com.br
go.kollekt.dk
dev.kombuchapunk.com
livebusinessupdate.com
qrh.liverpool.com.mx
comp3111.lotusfa.com
auth.maprinter.com
martinmaine.com
master-spa.com
masteryourtongue.com
mayjaymusic.sg
mooncat.pro
multinow.team
admin.mylahorikitchen.com
nadswarranty.net
nexilo.uk
www.nvoicepro.com
portal.odin.onl
cattool.onesky.app
livetracking.onroad.app
www.orderbearkingbrewing.com
pandoralive.jp
www.oas.passerelle.io
www.perfect-pentago.net
beta.platformheroes.net
brief.procaryote.com
www.react-most-wanted.com
updates.remote-id.net
dl-stgtest.ringitgames.com
rlorenzana.online
storybook.rocket.la
www.ryan-lee.org
www.scienzaludica.org
www.shivansh.ca
shivbababot-simpvestor.com
air-link.simplycontrol.cz
www.ss-trenchless.com
www.stateroads.com.au
admin.marker.stratosfy.io
www.swarf.co
tannermorlan.com
ma.techaula.net
thedefiningplace.com
thekilgorefilms.com
app.tripleaaaplus.com
www.tropezcapital.com
app.unacare.de
advisors.untied.io
g.untilgone.com
dev.aura.upswing.global
www.vinitaisnotana.me
panel.we-jump.nl
www.whitebear.asia
www.yearinreview.tools
www.yogalaya.com.br
zahedul.com
Other domains in certificate