Open
Cached
·
just now
76/100
SECURITY SCORE
Detected Technologies
Certificate Information
Subject
CN=gloom.it
Issuer
C=US, O=Let's Encrypt, CN=R13
Valid From
May 01, 2026
Valid Until
July 30, 2026
60 days
Public Key
RSA
4096 bit
Strong
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
3C:73:9B:D3:41:EE:C8:1E:16:48:D2:77:0B:09:CB:52:A5:F5:3E:95:39:FA:99:3C:9B:B9:8F:A7:B4:11:52:D3
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Add Strict-Transport-Security header with max-age of at least 1 year
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
90 domains
cegpt.com
*.cegpt.com
*.m.cegpt.com
*.sitemap.cegpt.com
384v.xyz
*.384v.xyz
*.admin.384v.xyz
*.dev.384v.xyz
*.mail.384v.xyz
atassian.net
*.atassian.net
*.com.atassian.net
*.denovo.atassian.net
*.gfnw.atassian.net
*.hkt-itsm.atassian.net
*.hoffmann-group-digital.atassian.net
*.hyperaccel.atassian.net
*.mediscreen.atassian.net
*.relais.atassian.net
*.sempiolabs.atassian.net
*.specialist.atassian.net
*.technology.atassian.net
*.ww25.atassian.net
*.ww38.atassian.net
bisonos.com
*.bisonos.com
*.admin.blankform.art
*.api.blankform.art
*.app.blankform.art
blankform.art
*.blankform.art
*.demo.blankform.art
*.dev.blankform.art
*.gestion.blankform.art
*.shop.blankform.art
*.site.blankform.art
*.test.blankform.art
*.www.blankform.art
dahlonegaactiondogs.com
*.dahlonegaactiondogs.com
*.ifzjli.dahlonegaactiondogs.com
gloom.it
*.gloom.it
*.hostmaster.gloom.it
*.succession.gloom.it
grm.au
*.grm.au
*.mailserver.grm.au
*.a.marydinero.com
*.cpanel.marydinero.com
marydinero.com
*.marydinero.com
*.short.marydinero.com
*.webmail.marydinero.com
*.m.mavenplanners.com
mavenplanners.com
*.mavenplanners.com
*.comune.movies4u.live
*.hostmaster.movies4u.live
movies4u.live
*.movies4u.live
*.www.movies4u.live
newtpki468.com
*.newtpki468.com
*.www.newtpki468.com
opensooq.life
*.opensooq.life
*.www.opensooq.life
*.32.renovatio.studio
renovatio.studio
*.renovatio.studio
*.mail.stellarrally.com
stellarrally.com
*.stellarrally.com
*.api.vipjogo.bet
*.channel.vipjogo.bet
*.promoter.vipjogo.bet
vipjogo.bet
*.vipjogo.bet
w13727821.com
*.w13727821.com
*.2b027c63-3bab-491a-bc19-de0b48238439.xoge.meme
*.75c95b1f-b204-4a19-aee0-7c45f0290ac3.xoge.meme
*.app.xoge.meme
*.mail.xoge.meme
*.www.xoge.meme
xoge.meme
*.xoge.meme
zalander.se
*.zalander.se
Other domains in certificate