Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=www.mattiamenegale.com
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
October 26, 2025
Valid Until
January 24, 2026
67 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
00:24:66:7E:2C:9B:F4:97:85:26:48:96:EF:37:CF:DD:A2:FB:44:E0:CA:9E:70:FB:16:93:E1:B8:09:D0:C2:F8
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
heyrobin.co.za
api.agilearn.app
www.amaranomadstay.com
beroepsethiek-bpsw.appdashboard.nl
arenatubi.com
www.ashfordcleaners.com
pokealt.beeringgame.nl
www.blockheight.dev
video.bople.kr
brainpower.design
bringdesign.net
cakemanager.shop
dl.careerpower.in
www.baptistmedia.co.zw
www.construvic.com.br
crafticsolutions.com
de-time.com
deviseconnexus.com
www.dibslist.dev
blog.dionz.com
www.dmitrytravels.com
eatlyapp.de
ecoforma.design
www.registration.egraft.co
furaha-digital.net
www.fyllamelee.no
hamrosadhan.com
www.hannahspetportraits.co.uk
www.happyrobots.pro
hostli.com.br
if-then.dev
intrilogy.in
hubtran-dev.ithrivefunding.com
jeandurandisse.me
www.juststream.au
quiz.kikcit.com
knowlesexcavating.com
old.koderia.sk
lc39.org
loka-stay.com
lucabos.ch
markabecker.net
materialize.tech
www.mattiamenegale.com
meander.media
fb.meinwgzimmer.ch
auth-dev.memberhub.de
memi.dev
admin.mightyminds.org
web.mytracks.run
nesportes.com.br
nhakhoametal.com
www.nightmorning.com
event.oishiisake.jp
www.onlinequrancenter.net
www.ploggingrussia.ru
polycate.com
primecomputing.in
admin.prohealthconnect.com
jimezdrave.prudek.com
www.pujieblack.com
app.qrbot.net
www.qudah.tech
link.raftaarr.com
saifkarnawi.com
sarahabdelnasser-chemistry.com
www.sarcomeredynamics.com
afairsevents.tingg.sarcontech.com
scratchbilling.com
app.sensly.be
www.sertosoftware.com
shumat.jp
www.soldem-recruit.co.uk
www.somogrow.app
app.sprintorun.com
challenge.stashhubapp.com
strouwi.be
www.sustainable-clouds.com
www.svetoraholdings.com
swift-menu.com
swifter.ai
taplistic.com
teampsychbroadcast.com
m.thebermuda.net
www.thegenaitoolbox.com
www.tipgenie.com
titanium-metal.com
tnoti.com
www.trasportoscolastico.org
truthtradingcompany.com
www.ustheta.com
venturaiot.com
veopop.com
www.vglgrand.com
vishwadattaayurved.in
www.werkgroeplhee.nl
workwise.team
yugank.dev
www.zdo.com
zeone.in
Other domains in certificate