Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=imbianchino-ferrara.it
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
September 29, 2025
Valid Until
December 28, 2025
41 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
62:89:C2:98:8B:E9:CE:DC:18:DA:45:D7:D5:67:18:53:C4:BD:23:5D:59:9A:91:CB:D6:BA:71:CB:91:2A:74:55
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
ornstio.com
sta.phuket.psu.ac.th
africaeducationaltrust.org
hp.agencyspotter.com
promo.agtran.com
www.akshayrevankar.me
www.alfagift.id
alvarocamporro.com
everest.energia.app.br
brafurries.com.br
hub.brinkxr.com
portal.cardapioweb.com
www.closence.com
rkdental.co.in
on.coffideas.com
www.webo.com.hk
coperinno.com
cubstic.com
danielvargas.dev
darksecret.io
devdaj.tech
www.devdaj.tech
devstools.dev
diamond.fastsigns.com
staging.swagger.fastsigns.com
www.filingshots.com
link.gobubble-dev.internal.gobubble.app
goodconsulting.fi
www.greenplaque-consulting.com
hamarahairoil.com
www.hasanbahadirkoca.com
hrfysio.dk
ianpedraza.com
husternamtam.id.vn
iepp.app
imbianchino-ferrara.it
onboarding.cloud.ingka.com
fra.inout.properties
portal3.insyncapp.io
nahaus.jug-verwaltung.de
kahraman.io
kennedyracecars.com
khalha-lk.com
console.komaca.app
www.laredworkstationone.com
app.level2.tech
lifepulsecpr.net
hypernews.limeon.es
form.partners.litta.co
www.losfattoquotidiano.it
lovesinthehair.studio
calculator.manthano.ai
multiversety.com
danketsu.newm.io
my.notebird.app
nuvocentrix.com
app.obudev.in
dev.omedom.com
www.ondagoapp.com
devui.opensprinkler.com
pearsonconstructions.com
link.petwordapp.com
dev.pig-out.app
app.platos.in
gravity-staging.playpilot.com
ocm.pos.point4more.com
www.progettoorfanilagovittoria.com
projectvolger.nl
puragape.com
www.qonline.info
mesh-app.readr.tw
renumia.com
www.robust.codes
runtracker.me
safehaven18.com
saracogg.in
accounts.sgtbots.com
shalimarsojourns.com
web.sijilaty.com
simplrs.simpayx.com
simpletraveler.in
sketchx.in
www.smallmiraclesedu.net
uwcoi.smjleo.com
starvehiclefilm.com
stg-tower.sysgaming.dev
app.talhospitals.org
yourdevice.tanokatu.com
arcoiris.tcontur.com
tools.thangved.com
thechandraymurmu.com
thiago.page
form.thursdayhq.com
trekbookie.com
tzedekbox.org
unafactura.com
lalista.uqido.com
demo2.watchcomedy.live
weekkly.com
neptunes.whyq.com.au
Other domains in certificate