Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=www.cercacarrozzeria.it
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
October 10, 2025
Valid Until
January 08, 2026
33 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
F8:1B:A9:95:61:30:99:7A:19:D0:30:CA:D6:7A:E3:7A:5D:B2:EA:7C:DC:75:12:2E:95:C9:48:EE:AB:9E:3B:8A
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
token-sale.beyondi.ninja
2pennies.net
aftonomo.com
app.ahazou.com
ai.alchemica.agency
amascarello.com
angular.dev
hamedo2.anyware.software
www.apemax.io
togokitchen.asap2go.com
www.avenidaveiculosptc.com.br
balazstoth.hu
venues.barmapper.co.uk
basketballireland.tv
birthdays.email
blogletter.cz
static.bluestars.org
test.byteed.com
www.cercacarrozzeria.it
roster.chatterslaundry.co.nz
core.v3.contentfabric.io
www.couperus.dev
dq8.d-navi.net
landing.dashport.run
www.dingvoice.com
dunaweekend.com
thiruvallur.eacabs.com
www.flantool.com
enterprise.flutterflow.io
www.furry-online.com
getresponse.chat
app.getvidon.com
goldn.onl
irumagunshi-950559.ndljp.grikk.co.jp
hopscotch.academy
integrationhub.idealofsweden.team
www.ileco2.pl
inezjonsson.se
ingpine.com
guardian.inpulse.education
kine-ortho.isi.pf
jubileeswingdance.com
polymer.junaid.guru
gestion.kayou.nc
walletqa.kaytrust.id
marketcap.keymajorcoin.com
www.koalendar.com
koren.gal
www.kristapadgett.com
landmarkt-hammereisenbach.de
lucianoivansoro.com
omnicom.madhive.com
www.mark-cs.com
www.martialcoder.com
manager.millsta.com
www.minhdo.info
link.business.mojob.io
www.monk-soft.com
share.neoufitness.com
nokwandam.co.za
notaiobasso.it
www.orin-news.com
www.outch.work
pagexray.com
resume.pedlop.com
www.pestprosol.com
appointment.physiobalance.fit
dev.admin.plan2win.be
bsecure.platebni-brany.cz
success.playmetrics.com
referral.playstore.playship.com
pointly.ch
www.pokobarko.com
protectors-of-balance.de
www.raise.live
realtorvarma.com
recursivetechsol.com
rolfborjlind.com
beacon-park.dashi.staging.sasaki.com
sms.selfcity.fr
shellynews.com
siposistvan.com
live.snapmentor.no
spsfulfillment.com
tetris.stackskull.com
choirtracks.sullenart.co.uk
integration.taxnitro.com
www.tensecondsatatime.com
therelief.in
d.dash.seeker.tibilsolutions.com
www.truleaf.in
wholesale.uggaustralia.com.au
permm.phar.umich.edu
voucher.demo.uniqgift.com
wifi-plug.vicnastea.io
invitation.wavescool.com
wikmit.com
www.yedding.com
zahnaerzte-kroker.de
ajudabase.zrb.jp
Other domains in certificate