Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=playlist.marcomengoni.it
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
September 27, 2025
Valid Until
December 26, 2025
39 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
20:7E:A3:60:D5:67:C5:DC:7E:46:5D:F9:BE:3B:AE:2D:01:02:E6:54:A8:65:29:08:85:C1:DF:49:8C:0B:37:1E
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
minicubex.com
staging.host.10seat.com
success.22d.tech
portal.cmis.ac.in
www.albaseguros.mx
alpenglow.systems
ammarweb.org
www.hm.ampersand-it.com
figma.beforepost.com
www.bitautor.de
dl.bk.com.co
bondr.no
feedin.cafejs.net
cloudcog.hr
www.compaxplant.com
deeplink.tw
www.digi-shark.de
dios.dk
djin.co.uk
notification-center-self-service-staging.gassets.emarsys.com
prioridades.epistema.com.br
www.epoksikaluste.fi
www.frostybasket.com
adminportal.furtrieve.com
auth.gamsatlab.com
gatorsnft.io
admin.geminitradesolutions.com
www.getluckyfind.com
www.getotech.in
www.gr8rsmsmanager.com
pics.hellonimbly.com
demo.hnhconsulting.ca
app.horseracesnow.com
dev-bkeep.hostabee.com
humancapitalcredit.org
hypnosismic-2nd-drb-vrbattle.com
lokally.icts.io
www.ieyalsolutions.com
www.indiic.com
irregularverbs.fr
trailman.janakj.org
www.kheyra.com
www.kwjames.com
www.lgd-design.pt
www.lovepawshomestay.com
aiov.lsceco.cloud
merchant-dev.luna.vip
www.malkaesther.com
mammografiprogrammet-konferanse.no
playlist.marcomengoni.it
mariusproton.fr
testing.marvelmatch.com
retro.massivenerds.com
www.mcgeary.dev
medicapi.com
barts.partners.medics.academy
michaeluniversity.org
mohanedarif.com
h-farm.monacofoundry.com
therace.montblancexplorer.com
motorider.online
app.myfastpcba.com
myspecialexperience.com
nordlink.dk
redirect.norma.co
pilot-admin.omnicurenow.com
one8right.com
app.openq.co
bksgdev.order.place
www.originaldog.in
dashboard.pbj.live
ahd.pdbit.nl
photalitarian.com
phrases.world
staging-test-tenant.qburst.in
www.quote-ninja.com
www.rcos.in
stg.hachimaki.re2fe.com
app.reclip.pro
relaxsounds.app
showroom.rocahardware.ca
fasttrack.rothbury.co.nz
www.royalmobileapps.com
questions.dev2.screencastify.com
www.severaltech.com.ar
links.dev.shwdwn.io
snapdecision.app
app.staffwriter.co
auth.staging-homehub.site
cdn.study-habits-dh.com
www.thirusiasacademy.com
analyze.tienphan.work
tiger.voyage
pilates-girona.timp.io
tinkerersagar.com
utkueray.com
v2.weezer.fr
www.xin-squared.com
sheep.zapdev.net
www.zenreki.systems
Other domains in certificate