Open
Cached
·
just now
78/100
SECURITY SCORE
Certificate Information
Subject
CN=re.mottini.org
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
November 13, 2025
Valid Until
February 11, 2026
86 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
F4:34:8D:66:7B:78:CC:83:8F:AC:74:B0:8D:29:01:2C:3E:C1:05:E6:21:50:18:4C:09:20:78:6B:9F:30:92:99
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Missing
Not configured
Content-Security-Policy
Weak
require-trusted-types-for; report-uri; object-src; +3 more
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Present
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
Recommendations
- • Add Strict-Transport-Security header with max-age of at least 1 year
- • Significantly strengthen CSP directives
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
re.mottini.org
aarveetraders.in
www.anantaracapital.com
anviitech.com
console-stage.ap-dock.com
atilal.ly
www.axl.coach
testnet.banza.xyz
app.botskyc.com
docs.botskyc.com
breakthewachain.com
capacitant.com
cherubimambassadors.org
southkorea.aid-air.co.il
zorya.co.in
codeyantra.in
auth.google.codingbear.dev
subhashjairu.com.np
conglive.sbs
media.crash2cash.de
www.media.crash2cash.de
www.cristianbuenoyoga.com
www.daocbuddy.com
deschaduwvandeoorlog.nl
www.dimension-solutions.com
dratin.com
driveyourcarhome.com
isobel850.dsmx.ca
dzolicdigital.com
electrikfix.com
eudavdata.com
nexus.factorem.co
uat-manipal.finncub.com
firecalc.com.au
officetroop.dev.fultongrace.com
www.gamer2gamer.se
gcbghana.com
news.greeny-app.com
snooker.hamzaashrafi.com
hikingadventures.fr
www.igloocoolingsolutions.com
incomatic.gr
www.indahhousekuching.com
itsmyid.cc
xu-alumni.jameventsph.com
chordo.joesteccato.com
register.joshbauer.com
jpinternationalschool.com
jubilaconcecy.cl
www.junipop.me
kephros.com
kobit.app
www.kurze-durststrecke.de
t.leelanupab.com
lesgooo.fun
app.liftun.com
app.llmedicalclinic.com
auth.locring.com
lostcount.golf
www.lostcount.golf
lovecake-confeitaria.com.br
marketim.site
app.meet2notes.com
www.melter.ro
misterarther.com
tradera.mooova.io
morphosis.co.za
mtwedding24.com
neztu.com
nioora.com
onpointapp.net
eib.onurbultan.com
phaisprzedaz.pl
phantomlightdesigns.com
app.phaver.it
pickstudio.kr
prompt-cheat.com
www.pureformstudio.com
em.qeiicentre.london
k-tuin.qrq.app
rabbion.ltd
shahidanwarllcuniversity.com
shreejian.com
www.simarahitam.com
beo.simrace-control.ch
sos.blue
tl.stockzp.xyz
www.sunopromptbuilder.com
webapp-uat.surgeonsforsurgeons.com
swarasudhaculturalacademy.com
termservices.pro
smokybeach.thediners.in
troli.io
u3aemerald.org.au
playground.userose.ai
healthy.vearuny.com
www.100.pn
xlr-8.ch
www.zhihan.rest
zhihan.rest
Other domains in certificate