Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=www.alegranti.com
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
December 03, 2025
Valid Until
March 03, 2026
82 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
F1:02:6F:7E:F9:D6:6A:AE:D9:48:7F:12:7F:99:A7:1C:5E:17:26:AD:A7:FF:EC:FE:56:56:BD:D6:CE:21:BB:0A
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
reuternatursteine.de
dev.tokenregistration.3rbehavioralsolutions.com
www.4drec.com
www.aganhealthcare.com
www.ajour.ch
www.alegranti.com
beta.anhtran.me
www.ar-upopoy.jp
aryadinata.com
bamsbung.com
suite16.beckyphan.com
get.betterlivingthrough.com
staging.app.beyondboundaries.app
bigbul.in
arrest.bitnullcorp.com
noccanocca.boardgamesquare.com
www.bodycaremantra.com
www.bukdin.com
cerebrum.group
chessui.com
sflab.co.kr
admin.codergym.fit
coolmoves.fun
crazy-felix-games.de
cuttimeapp.in
deardiary.wtf
www.diversit.eu
douganjard.com
editloop.xyz
www.eksnuoma.lt
www.ennovatix.com
api-sandbox.eql.ai
www.extremalimpezaparceiros.com.br
www.fezrestia.link
www.fork.software
grupoeldanes.com
checkin.halozen.com
financeiro.hd-informatica.com
himatography.com
hirenpatel.me
pvnp.staging.illust.space
vietnamesecafe.inhouseorders.io
beta.teams.insiteapp.co.uk
www.institutoshinko.com.mx
staging-api-crest-conecta.inteligenciamkt.com.mx
portal-new.itsmytown.co
www.sok2.katalysatorduravermeer.nl
ligas.kubofinanciero.com
lautaroaguirre.com
www.laxman.tech
www.lehongthai.vip
www.loyca.app
luckynao.com
manlyman.tv
michaelwan.com
minutefit.xyz
campaign.iridge.dev.moneyeasy.jp
moravzla.com
forecastock-admin.nbcient.com
neomai.hair
link-csconect.nibo.com.br
noukker.com
app.pointsfood.com
www.projetoelcana.com.br
assets.promis.fr
id.ratafia.app
www.rean.in
client.dev.rebus.com.co
app.refuahmobile.com
auth.remoteteambuilding.com
resizeimage.io
rhythmwireless.io
auth.rishikesh.app
www.rkc.ua
www.roman.jetzt
sachivatech.com
schedulelab.io
api.senselabs.ai
seudev.com
workout.simonton.app
sourceon.io
sphinx.studio
dev.demo.stykite.com
surveylink.xyz
teamvideos.com.br
www.thepaulson.com
docs.thesportstation.com
vet.tinytintoy.com
to-do-map.com
paths.topjobexplorer.com
promo.udux.com
hma.vayudoc.com
rec.vianetti.com
sandbox.viridios.ai
watchparty.group
www.whiteoutclimbing.de
www.00010110.xyz
yukaku-1453000.ndljp.xrikk.xyz
www.carpool.yedem.io
www.survey.yoxiapp.io
Other domains in certificate