SSL Certificate Analysis for visual.gattine.com - Security Grade & TLS Configuration

Open Cached · just now

76/100 SECURITY SCORE

Detected Technologies

See all in URL Inspect 1

Let's Encrypt Active incidents

Certificate Information

Subject

CN=investmentfrog.com

Issuer

C=US, O=Let's Encrypt, CN=YR2

Valid From

June 05, 2026

Valid Until

September 03, 2026 70 days

Public Key

RSA 4096 bit Strong

Signature Algorithm

SHA256-RSA

SHA-256 Fingerprint

3A:C2:EE:85:53:2A:79:A6:33:AB:40:97:E6:56:83:1C:8F:80:6D:E8:08:02:2D:32:45:95:5C:06:51:59:7F:F5

Alternative Names

90 domains

Security Configuration

TLS Protocols

TLS 1.2 TLS 1.3

Forward Secrecy

Supported (Modern clients use PFS)

HTTP Security Headers

Status

Strict-Transport-Security

Missing

Not configured

Content-Security-Policy

Missing

Not configured Analyze

Content-Security-Policy-Report-Only

Missing

Not configured Analyze

X-Frame-Options

Missing

Not configured

X-Content-Type-Options

Missing

Not configured

Referrer-Policy

Missing

Not configured

Permissions-Policy

Missing

Not configured

Recommendations

• Add Strict-Transport-Security header with max-age of at least 1 year
• Add Content-Security-Policy header to prevent XSS attacks
• Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
• Add X-Content-Type-Options: nosniff
• Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
• Consider adding Permissions-Policy to control browser features

CAA Records (Certificate Authority Authorization)

CAA Records

Not Configured (Any CA can issue certificates)

CAA Issues

• No CAA records configured - any CA can issue certificates

Recommendations

• Implement CAA records to restrict which CAs can issue certificates for your domain
• This adds an extra layer of security against unauthorized certificate issuance
• Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
• Consider adding 'iodef' record to receive security incident reports

Subject Alternative Names

90 domains

gattine.com *.gattine.com *.123.gattine.com *.dashboard.gattine.com *.superset.gattine.com *.visual.gattine.com

Other domains in certificate

aiqlogin.com *.aiqlogin.com *.c0rm6o.aiqlogin.com

aiqpasskey.com *.aiqpasskey.com *.clbc7x.aiqpasskey.com

*.admin.alvoto.it alvoto.it *.alvoto.it *.dev.alvoto.it *.owa.alvoto.it *.preview.alvoto.it *.reporting.alvoto.it *.staging.alvoto.it *.superset.alvoto.it

bliogspot.com *.bliogspot.com *.culturalimeira.bliogspot.com *.hemmapasjuan.bliogspot.com *.hostmaster.bliogspot.com *.johannejakobsen.bliogspot.com *.killycomputacion.bliogspot.com *.maryonlakepulaski.bliogspot.com

hdhub4us.in *.hdhub4us.in *.www.hdhub4us.in

*.hostmaster.investmentfrog.com investmentfrog.com *.investmentfrog.com

jk3996682.xyz *.jk3996682.xyz

jkkjfe.com *.jkkjfe.com

*.e1kkfc.js8802.vip js8802.vip *.js8802.vip *.www.js8802.vip

*.admin.koloseum.it *.analyze.koloseum.it *.api.koloseum.it *.bi.koloseum.it *.demo.koloseum.it koloseum.it *.koloseum.it *.qa-superset.koloseum.it

magnetklebeband.de *.magnetklebeband.de

*.emea.micrsoftonline.com *.lgin.micrsoftonline.com *.login.micrsoftonline.com *.logion.micrsoftonline.com *.mail.micrsoftonline.com micrsoftonline.com *.micrsoftonline.com *.passwordreset.micrsoftonline.com

*.hostmaster.miningcloud.pro *.mail.miningcloud.pro miningcloud.pro *.miningcloud.pro *.www.miningcloud.pro

oomoye.me *.oomoye.me *.ww38.oomoye.me

*.ebay.picktopieces.com *.hostmaster.picktopieces.com picktopieces.com *.picktopieces.com *.samara.picktopieces.com *.sitemaps.picktopieces.com *.www.picktopieces.com

*.api.rifletti.com *.hostmaster.rifletti.com rifletti.com *.rifletti.com

*.dev.vidoview.com *.lenkno.vidoview.com *.new.vidoview.com *.random.vidoview.com *.top.vidoview.com *.vi.vidoview.com vidoview.com *.vidoview.com

xn--11x805d.ws *.xn--11x805d.ws