Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
C=CN, ST=ZheJiang, L=HangZhou, O=Alibaba (China) Technology Co., Ltd., CN=*.alibaba-inc.com
Issuer
C=BE, O=GlobalSign nv-sa, CN=GlobalSign GCC R3 OV TLS CA 2024
Valid From
July 29, 2025
Valid Until
August 30, 2026
284 days
Public Key
ECDSA
256 bit
(P-256)
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
FB:F9:56:50:9E:5B:2B:08:AD:D3:16:FD:CC:0F:D4:22:03:51:90:F6:9D:9A:B2:AB:94:E8:D4:66:1F:BC:F4:19
Alternative Names
Security Configuration
TLS Protocols
TLS 1.0
TLS 1.1
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
Warnings
- • TLS 1.1 is deprecated and should be disabled
- • TLS 1.0 is deprecated and should be disabled
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31536000
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
105 domains
alibaba-inc.com
*.alibaba-inc.com
*.183e.alibaba-inc.com
*.ab.alibaba-inc.com
*.adcinst.alibaba-inc.com
*.agent.alibaba-inc.com
*.aicoding.alibaba-inc.com
*.aione.alibaba-inc.com
*.alicom-ops.alibaba-inc.com
*.aliyun-region-vpc-ap-southeast-1-mw-mcp-internal.alibaba-inc.com
*.aliyun-region-vpc-ap-southeast-1-mw-mcp.alibaba-inc.com
*.anpm.alibaba-inc.com
*.aone-agent.alibaba-inc.com
*.aoneagent.alibaba-inc.com
*.api-mw-inner.alibaba-inc.com
*.api-mw.alibaba-inc.com
*.asi-service-inspection.alibaba-inc.com
*.cloud-ide-aws.alibaba-inc.com
*.cloud-ide-hz-damo.alibaba-inc.com
*.cloud-ide-qh-damo.alibaba-inc.com
*.cn-zhangbei-center-ha3.alibaba-inc.com
*.coc.alibaba-inc.com
*.cpo.alibaba-inc.com
*.crowork.alibaba-inc.com
*.csb-broker-cn-zhangjiakou.alibaba-inc.com
*.csb-broker.alibaba-inc.com
*.daraz-workstation.alibaba-inc.com
*.data-engine.alibaba-inc.com
*.dmsp.alibaba-inc.com
*.dt-fc.alibaba-inc.com
*.dualstack.alibaba-inc.com
*.emulation.alibaba-inc.com
*.fn.alibaba-inc.com
*.function-cn-internal.alibaba-inc.com
*.h.alibaba-inc.com
*.hdfs-storm-nimbus.alibaba-inc.com
*.hosting.alibaba-inc.com
*.ide-tmap3-ea133.alibaba-inc.com
*.industry-workbench.alibaba-inc.com
*.io.alibaba-inc.com
*.jdbc.alibaba-inc.com
*.jubao.alibaba-inc.com
*.linglong.alibaba-inc.com
*.m-ds.alibaba-inc.com
*.mixteam.alibaba-inc.com
*.mlflow-ide.alibaba-inc.com
*.mmcops.alibaba-inc.com
*.net.alibaba-inc.com
*.npm.alibaba-inc.com
*.odps-storm-nimbus.alibaba-inc.com
*.opensearch-inru.alibaba-inc.com
*.opur.alibaba-inc.com
*.ossproxy.alibaba-inc.com
*.paasbase.alibaba-inc.com
*.pai-aidc-test.alibaba-inc.com
*.pai-aidc.alibaba-inc.com
*.pai-damo.alibaba-inc.com
*.pre-aliyun-region-vpc-ap-southeast-1-mw-mcp.alibaba-inc.com
*.pre-aoneagent.alibaba-inc.com
*.pre-api-mw.alibaba-inc.com
*.pre-builder.alibaba-inc.com
*.pre-cestlavie.alibaba-inc.com
*.pre-cros.alibaba-inc.com
*.pre-csp-site-test.alibaba-inc.com
*.pre-daraz-workstation.alibaba-inc.com
*.pre-faas.alibaba-inc.com
*.pre-fn.alibaba-inc.com
*.pre-hosting.alibaba-inc.com
*.pre-industry-workbench.alibaba-inc.com
*.pre-linglong.alibaba-inc.com
*.pre-mikey.alibaba-inc.com
*.pre-mixteam.alibaba-inc.com
*.pre-mw-mcp.alibaba-inc.com
*.pre-qfc.alibaba-inc.com
*.pre-s-app.alibaba-inc.com
*.pre-sandbox.alibaba-inc.com
*.pre-x-dep.alibaba-inc.com
*.pre-x-dsp.alibaba-inc.com
*.preadcinst.alibaba-inc.com
*.qfc.alibaba-inc.com
*.qxz-webide.alibaba-inc.com
*.rc.alibaba-inc.com
*.rds.alibaba-inc.com
*.s-app.alibaba-inc.com
*.sandbox.alibaba-inc.com
*.sh-aigw-main-tt-common-internal.alibaba-inc.com
*.sh-mw-mcp-internal.alibaba-inc.com
*.sh-mw-mcp-office.alibaba-inc.com
*.sh-mw-mcp.alibaba-inc.com
*.tao-finance.alibaba-inc.com
*.tisplus.alibaba-inc.com
*.universe.alibaba-inc.com
*.vectordb-pre.alibaba-inc.com
*.webide-b.alibaba-inc.com
*.webide-ea119.alibaba-inc.com
*.webide.alibaba-inc.com
*.x-dep.alibaba-inc.com
*.x-dsp.alibaba-inc.com
*.xo.alibaba-inc.com
*.ygg.alibaba-inc.com
*.zyd-ha.alibaba-inc.com
test.aliyun.alibaba-inc.com
*.ap-southeast-1-internal.ha-work.alibaba-inc.com
*.cn-zhangbei-center.ha-work.alibaba-inc.com
*.ide-paib.dsight.alibaba-inc.com