Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=tos.penguinpass.it
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
December 01, 2025
Valid Until
March 01, 2026
88 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
DE:46:04:D7:66:F0:91:27:44:DC:0F:C5:19:C4:9A:C2:57:24:89:0C:37:1B:96:08:AD:3B:B6:B0:14:0A:B9:C8
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
track.ssdg.no
stores.abacus.co
www.abphotoadventures.com
advaisys.com
www.thejan.aizotech.com
algoquest.dev
amandarush.info
adminalert.apeironws.com
apicolturagjorgjiev.it
articwoodtech.com
dashboard.test.authknox.com
biergarten-lviv.barhandler.com
boomerangapi.com
brucemelville.com
payment.app-staging.c-rayon.com
civilxr.com
app.compte.pro
condointeligente.com.br
camp.crickingdom.com
cardemo.dctech.dev
edencapture.com
www.ensymn.com
falahproperties.com.au
gabalondon.com
garagearabia.com
ghergo.com.ar
gobbo.app
www.gratitude-strength.com
stilaus-staging.hero24.com
landsea.heuristip.com
sellia-login.heycenter.com
links.hivehealth.app
hotfemboys.net
www.website.int3grity.com
lenders.qa.invoicenxt.com
sc-demo-app.iterable.com
javascripttraining.ie
www.keeton.cloud
kziete.cl
levigata.com
learning.liltriangle.com
datadriver.logforce.com
events.mailmeteor.com
apps.mashatelkuwait.com
meganyin.com
www.meutrabalhoacademico.com.br
mftembra.com.br
www.modernizait.com
pic-bedemsw.mentor-stage.neccton.com
nyiritomas.com
hasher.optakit.app
www.pattycannotdesign.com
pdfsign.de
tos.penguinpass.it
www.pilquiy.com
pleasepleasepleasevisitoursitewewontstealyourdata.com
www.plomerosantioquia.com.co
postmormon.org
erode.primeonewaytaxi.in
nilgiris.primeonewaytaxi.in
pondicherry.primeonewaytaxi.in
thiruvarur.primeonewaytaxi.in
thoothukkudi.primeonewaytaxi.in
thoothukudi.primeonewaytaxi.in
tirunelveli.primeonewaytaxi.in
tirupati.primeonewaytaxi.in
tiruppur.primeonewaytaxi.in
puzzlebookstudio.com
quickdsn.com
rachelandcollin.com
ranker-ads.ranker-stage.com
readinggoals.io
refassistant.com
hbssign.removis.jp
resumes4all.com
ritas.design
www.sageoceandraftworks.com
link.samansa.com
documentation.scalenda.com
shcongregate.com
soco-camaro.com
www.souqomdurman.com
www.spacetimecrystal.com
randiskull.sq1.net
syncnotes.app
ufgreenjobs.tangleapps.com
aqdamy.tecfy.co
thegematriacalculator.com
www.theislamicnation.com
www.tinashechipomho.com
www.tomertalk.com
link.trackify.mx
www.umbo.dev
vertex.systems
partnermarketinghub.withgoogle.com
wpdistributor.com
demo.xcontrack.com
xkfa.com
www.zero1code.info
zeus247.ng
Other domains in certificate