Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=www.vinologist.co.za
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
October 04, 2025
Valid Until
January 02, 2026
48 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
5C:12:25:DE:05:7A:67:4D:25:E8:34:97:69:A0:C4:9F:4D:DE:7F:41:A6:9A:BB:53:97:23:D4:D9:EA:F1:54:B2
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
eanint.org
pwa.sagt.acuizen.com
docs.dev-thecsas.algo-artis.ai
archive.anevent.co.za
www.arakene.com.br
askquikstrike.info
ateamspot.com
avcoding.com
azmeelsukuk.com
beeutful.com
www.teszt.belso-csalad.hu
www.boddyspargo.com
www.bridgescript.com
ipd.byhc.group
www.cadeonibus.com.br
capsol.us
www.chassisrobert.be
fwd.cheart.io
www.cinetrips.com
deeplinks.citypop.app
admin.cnect.jobs
akshikacarecenter.co.in
gift.bnbd.co.kr
coalyte.com
www.cocukkulubu.com
www.discgolfmanager.com
weather.dotuntalabi.ca
superadmin-dev.driverguide.is
edmontonphotoradar.com
eng.ivsacademy.edu.vn
alunas.englishcomcami.com
link.evalmycar.com
expressvisadubai.com
fameoil.com
fawan.space
admin.freightra.com
login.fretec.app
dl.pre.galgo.tv
georgemaclean.com.au
gestionpaye.com
green.legal
hotcryo.co.uk
houseofcarslondon.co.uk
studio.husori.com
hyperpolybook.com
www.risk.in-compliance.ch
indiapp.live
innovabrick.com
insertwonderhere.com
www.jurciusodyba.lt
kairitis.com
happyness.kawatta.com
kmoschatter.be
lffl.ch
lilychencodes.com
api.lipsurf.com
app.litsoftware.com
livelearnquran.com
www.looky.cloud
csob-exponea.lukascech.cz
museotechniki.com
nvdr.space
oblizujeme.cz
ejin.or.kr
admin.orderease.com
plantjournal.ovaldo.sk
www.palakkadonlinenews.com
parasets.parallel.life
www.pinitial.com
start.pitchscore.com
tailored.preventtool.com
phoenixweb.primeinstore.co.za
link.printee.app
api.protoworld.io
agency-demo.pupau.ai
videowall.redant.cloud
auth.beta.portal.riggsdavie.com
riply.in
auction.rwrc.net
haverford.engage.sasaki.com
www.secondworld.games
seedboxlab.com
sekocitylogistics.co.uk
spectrumsolutions.in
stylelimb.uk
sushibelgium.be
app.synthesisrpg.com
www.sysco.ru
taskontable.com
thehbk.com
thesimplemaths.com
trayn.com
tulsaontap.com
app.ujama.co
unrealfaruk.com
www.unrealshowcase.org
rubik.untitled.cl
vetexpress.net
gerdle.vext.co.uk
www.vinologist.co.za
Other domains in certificate