Open
Cached
·
just now
76/100
SECURITY SCORE
Detected Technologies
Certificate Information
Subject
CN=alignment.studio
Issuer
C=US, O=Let's Encrypt, CN=R12
Valid From
May 04, 2026
Valid Until
August 02, 2026
67 days
Public Key
RSA
4096 bit
Strong
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
E6:B1:93:D9:C3:BF:90:BA:5E:2F:E1:6A:F3:43:2D:B5:96:E7:C9:C0:72:4C:3F:29:53:1C:0A:E9:2A:55:B7:BC
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Add Strict-Transport-Security header with max-age of at least 1 year
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
89 domains
pagas.com
*.pagas.com
*.alumni.pagas.com
*.img1-fg.pagas.com
*.pagas173-119.pagas.com
*.pagas173-140.pagas.com
*.pagas173-150.pagas.com
*.pagas173-246.pagas.com
*.prod.pagas.com
*.32.alignment.studio
alignment.studio
*.alignment.studio
antisocial.agency
*.antisocial.agency
*.demo.antisocial.agency
*.mail.antisocial.agency
*.ww25.antisocial.agency
*.www.antisocial.agency
apeelssciences.com
*.apeelssciences.com
*.marketing.apeelssciences.com
*.mds.apeelssciences.com
*.nobl.apeelssciences.com
*.origin.apeelssciences.com
*.quality.apeelssciences.com
*.realmedia.apeelssciences.com
*.users.apeelssciences.com
*.v28.apeelssciences.com
*.ww38.apeelssciences.com
bestcams.io
*.bestcams.io
*.board.bestcams.io
*.br.bestcams.io
*.de.bestcams.io
*.nl.bestcams.io
codexfolio.com
*.codexfolio.com
*.notiva.codexfolio.com
daubo.com
*.daubo.com
*.img1-fg.daubo.com
fganz.info
*.fganz.info
*.www.fganz.info
illinoistollay.com
*.illinoistollay.com
*.random.illinoistollay.com
*.14.kiinohoote2.shop
kiinohoote2.shop
*.kiinohoote2.shop
*.ww38.kiinohoote2.shop
*.ff574ee6-27c8-43b4-bfc9-304b3d0e96ac.mamahd.me
mamahd.me
*.mamahd.me
*.staging.mamahd.me
marykaintouch.com
*.marykaintouch.com
*.ww38.marykaintouch.com
*.dev.movierulzhd.digital
movierulzhd.digital
*.movierulzhd.digital
*.132flirw9lir0x51.projectcranberry.xyz
*.52nsl4zto87lp4sf.projectcranberry.xyz
*.70d5dcdb-3c9d-42b7-9cb9-b1833bd97685.projectcranberry.xyz
*.admin.projectcranberry.xyz
*.api.projectcranberry.xyz
*.app.projectcranberry.xyz
*.assets.projectcranberry.xyz
*.jylxw52nsl4zto87lp4sf.projectcranberry.xyz
*.k7dbyek7n0zlcxuv.projectcranberry.xyz
*.mta-sts.projectcranberry.xyz
*.pro.projectcranberry.xyz
projectcranberry.xyz
*.projectcranberry.xyz
*.sitemap.projectcranberry.xyz
*.sitemaps.projectcranberry.xyz
*.stat.projectcranberry.xyz
*.test.projectcranberry.xyz
*.wildcard.projectcranberry.xyz
*.ww2.projectcranberry.xyz
*.ww25.projectcranberry.xyz
*.ww38.projectcranberry.xyz
*.cloud.vans.bio
vans.bio
*.vans.bio
*.www.vans.bio
*.v4.vwxxy1.xyz
vwxxy1.xyz
*.vwxxy1.xyz
Other domains in certificate