SSL Certificate Analysis for dev.gidget.it - Security Grade & TLS Configuration

Open Cached · just now

76/100 SECURITY SCORE

Detected Technologies

See all in URL Inspect 1

Let's Encrypt

Certificate Information

Subject

CN=bungoustrydogs.com

Issuer

C=US, O=Let's Encrypt, CN=R12

Valid From

May 22, 2026

Valid Until

August 20, 2026 83 days

Public Key

RSA 4096 bit Strong

Signature Algorithm

SHA256-RSA

SHA-256 Fingerprint

1D:91:8F:4A:3F:1B:0D:BC:D1:75:C2:D4:18:D3:32:62:47:00:F9:3F:68:86:E4:D4:0F:EF:03:B4:72:DB:96:6B

Alternative Names

90 domains

Security Configuration

TLS Protocols

TLS 1.2 TLS 1.3

Forward Secrecy

Supported (Modern clients use PFS)

HTTP Security Headers

Status

Strict-Transport-Security

Missing

Not configured

Content-Security-Policy

Missing

Not configured Analyze

Content-Security-Policy-Report-Only

Missing

Not configured Analyze

X-Frame-Options

Missing

Not configured

X-Content-Type-Options

Missing

Not configured

Referrer-Policy

Missing

Not configured

Permissions-Policy

Missing

Not configured

Recommendations

• Add Strict-Transport-Security header with max-age of at least 1 year
• Add Content-Security-Policy header to prevent XSS attacks
• Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
• Add X-Content-Type-Options: nosniff
• Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
• Consider adding Permissions-Policy to control browser features

CAA Records (Certificate Authority Authorization)

CAA Records

Not Configured (Any CA can issue certificates)

CAA Issues

• No CAA records configured - any CA can issue certificates

Recommendations

• Implement CAA records to restrict which CAs can issue certificates for your domain
• This adds an extra layer of security against unauthorized certificate issuance
• Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
• Consider adding 'iodef' record to receive security incident reports

Subject Alternative Names

90 domains

gidget.it *.gidget.it *.dev.gidget.it *.yt.gidget.it

Other domains in certificate

21meals.io *.21meals.io *.ww25.21meals.io

aidevices.co *.aidevices.co

*.autodiscover.bungoustrydogs.com bungoustrydogs.com *.bungoustrydogs.com *.gate.bungoustrydogs.com *.git.bungoustrydogs.com *.sitemaps.bungoustrydogs.com *.vc.bungoustrydogs.com *.webdisk.bungoustrydogs.com *.ww1.bungoustrydogs.com *.ww7.bungoustrydogs.com *.ww99.bungoustrydogs.com

crecic.cl *.crecic.cl *.email.crecic.cl

*.api.digitalassets.trading *.autodiscover.digitalassets.trading *.backup.digitalassets.trading *.dashboard.digitalassets.trading digitalassets.trading *.digitalassets.trading *.fionljkv.digitalassets.trading *.gitlab.digitalassets.trading *.m.digitalassets.trading *.marketing.digitalassets.trading *.secure.digitalassets.trading *.staging.digitalassets.trading *.uat.digitalassets.trading *.v2.digitalassets.trading

eanxeaeanxeaeaawscihiatzbp.co *.eanxeaeanxeaeaawscihiatzbp.co

echinacea.xyz *.echinacea.xyz

*.0g84nmqrmm.haerbin01.cn *.4d31d8wz33g1r5z.haerbin01.cn *.acipngfc4x.haerbin01.cn haerbin01.cn *.haerbin01.cn *.iw998wdypv.haerbin01.cn *.mf2m3849x1qsn8a.haerbin01.cn *.www.haerbin01.cn

iwylr.bet *.iwylr.bet

morningblisscafetx.com *.morningblisscafetx.com *.new.morningblisscafetx.com *.ww38.morningblisscafetx.com

*.admin.questionedisoldi.it *.hostmaster.questionedisoldi.it *.mail.questionedisoldi.it *.owa.questionedisoldi.it questionedisoldi.it *.questionedisoldi.it *.reporting.questionedisoldi.it *.superset.questionedisoldi.it *.w.questionedisoldi.it

*.cpcalendars.renbet.co renbet.co *.renbet.co *.shop.renbet.co *.www.renbet.co

*.client.rlws.org *.connectvpn.rlws.org *.elmviwebmail.rlws.org *.gateway.rlws.org *.login.rlws.org *.m.rlws.org *.mobile.rlws.org *.office.rlws.org *.remoteaccess.rlws.org rlws.org *.rlws.org *.secureaccess.rlws.org *.ssl.rlws.org *.sslvpn.rlws.org *.vpn1.rlws.org *.vpn2.rlws.org *.web.rlws.org *.webconnect.rlws.org *.webvpn.rlws.org

tzdgwzwhjv.net *.tzdgwzwhjv.net