SSL Certificate Analysis for spsoft.sk - Security Grade & TLS Configuration

Open Cached · just now

77/100 SECURITY SCORE

Certificate Information

Subject

CN=www.teamsottozero.it

Issuer

C=US, O=Google Trust Services, CN=WR3

Valid From

December 08, 2025

Valid Until

March 08, 2026 55 days

Public Key

RSA 2048 bit Adequate

Signature Algorithm

SHA256-RSA

SHA-256 Fingerprint

B8:3F:B6:A5:1E:A4:F7:E1:DD:E8:C2:8A:0F:81:37:21:11:9F:3F:63:E8:63:C8:75:8C:17:F6:BA:08:27:DC:14

Alternative Names

100 domains

Security Configuration

TLS Protocols

TLS 1.2 TLS 1.3

Forward Secrecy

Supported (Modern clients use PFS)

HTTP Security Headers

Status

Strict-Transport-Security

Present

max-age=31556926

Content-Security-Policy

Missing

Not configured

X-Frame-Options

Missing

Not configured

X-Content-Type-Options

Missing

Not configured

Referrer-Policy

Missing

Not configured

Permissions-Policy

Missing

Not configured

Recommendations

• Increase HSTS max-age to at least 1 year and add includeSubDomains
• Add Content-Security-Policy header to prevent XSS attacks
• Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
• Add X-Content-Type-Options: nosniff
• Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
• Consider adding Permissions-Policy to control browser features

CAA Records (Certificate Authority Authorization)

CAA Records

Not Configured (Any CA can issue certificates)

CAA Issues

• No CAA records configured - any CA can issue certificates

Recommendations

• Implement CAA records to restrict which CAs can issue certificates for your domain
• This adds an extra layer of security against unauthorized certificate issuance
• Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
• Consider adding 'iodef' record to receive security incident reports

Subject Alternative Names

100 domains

spsoft.sk

Other domains in certificate

spokko.12traits.com

www.ac-managerhub.co.za

actiabogados.com

adventure-chase.com

advoca.app

l.aleric.pl

besnik.architects-and-architects.com

fa.ayukawayen.net

open.b3ams.com

beautyrank.org

bethebumblebee.com

link.biancalapuz.com

biedaalt.com

www.borondicustom.com.br

bbmanager-prd.cbros.it

christian-japan.com

binodwagle.com.np

www.ght.creativemaybeno.dev

dimensaodrone.com.br

www.dopawords.com

links.drakerly.com

innovaciondocente.utpl.edu.ec

www.efsungames.com

fabiobonadiman.it

fahimni.org

fastfront.biz

feedio.ai

www.feelthemusic.org.uk

www.freeguides.app

gamerpro.kz

halildogan.com

hellomethod.io

hitvapk.in

www.hotelbluelagoondaman.com

cloud.inside-graph.com

www.intosouthafrica.com

jakerathman.com

app.jellysync.com

www.jointaction.cloud

www.joshuamarsh.me

kefid.kef.com

www.kredio.se

leirvik.dev

www.lotuspremiercareltd.co.uk

magicdeals.app

mathematikoi.agency

agenda.mymoons.mx

www.myothercomputer.com

www.newspassport.co

pe.nexlab.ai

nixgarage.ca

no-particular-reason.com

nolanbutcher.com

nrid-mdx.com

www.onemovie.jp

lythuyet.onthigplx.vn

link.opusaffair.com

dev.organizemed.com

bdd.os-mose.be

pailove.tokyo

verify-test.partyva.app

estetica.pethomers.com.br

consignee.pickwings.ch

playchess.page

demo-lp.pyxal.io

qunying.es

randyvan.com

rapo.app

www.rclorto.com.br

reciperadar.app

app2.rehabmypatient.com

rocksplayer.com

sadhyaitpl.com

security.safecircle.africa

www.servimatfiregroup.com

stage.sharpexam.in

www.sheesh.vc

www.shivramverma.in

www.simon-huebert.de

www.slictionary.com

fb-connect.stage.smartkoda.com

www.solarenergysupport.com

www.songangel.com

startupvalidate.com

streetiq.ca

tradeconsent.suigenerisconsulting.com

www.teamsottozero.it

thedamkeeper.com

pracsys.staging.tritt.dev

tuko.us

twobirdsinc.ca

uchainplatforms.com

vernonsmiles.com

vpt.vidoori.com

vlive.media

app.engage.demo.voyagernetz.us

testing.vsing.my

skordefesten-signup.wntr.app

zetabrew.com