Open
Cached
·
just now
80/100
SECURITY SCORE
Certificate Information
Subject
CN=biannetta.com
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
November 30, 2025
Valid Until
February 28, 2026
85 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
DB:AA:31:68:3E:F2:A3:FD:86:ED:95:78:09:68:C1:35:93:8D:C2:BB:05:FD:FE:58:F8:E4:07:C0:33:43:56:AB
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Missing
Not configured
Content-Security-Policy
Basic
script-src; object-src; base-uri; +3 more
script-src 'report-sample' 'nonce-0XsuXaS_nRYvxq6OJwik3g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/DurableDeepLinkUi/cspreport;worker-src 'self',require-trusted-types-for 'script';report-uri /_/DurableDeepLinkUi/cspreport
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Present
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
Recommendations
- • Add Strict-Transport-Security header with max-age of at least 1 year
- • Improve CSP by adding more specific directives and removing 'unsafe-inline'
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
z.rutgon.me
www.beta.afipayments.com
admin.akshatgold.com
education.alienbrains.in
alleyoop.no
www.annapurnasweet.com
test.appydoctors.com
www.askabout.io
athleticiq.ai
ayawafarms.com
boscotest.bandhoo.com
biannetta.com
www.app.bildin.com.pe
ttme.boat-admin.app
brochard.tech
my-test.cabsly.com
otodeger.canotomotiv.com
allianz.cateringportal.io
rizeupmedia-login.chatleadspro.com
chetscratch.online
www.civinomics.com
hoog.co.il
sinar-baucar.hargapedia.com.my
events.mitsubishi-motors.com.ph
www.bagbahceyatirim.com.tr
cybermeet.me
davidair.com
daynnight.world
www.decla.red
domvincent.com
www.dotune.com
life.dpd.co.uk
dragondropcards.com
easycommercesolutions.com
www.eldorado.io
ekid.familiasprimero.cl
www.hanewomotsukoibito.com
www.horsforthhottubhire.co.uk
huckle.golf
testbrand-auth.ibep-staging.com
iki.mn
ilkbboise.impactwrap.com
studysyllabus.indiandevelopers.org
induseverest.com
dashboard.test.invition.eu
jinyil.com
joemaloney.dev
sccc.kiana.io
www.kumaravelumapathy.com
lacrosselab.com
lego.lange.click
www.leafapp.fr
www.lma-art-gallery.com
www.luisboccuti.com
lukeroe.dev
ops.machineworks.io
marbellainvest.eu
mbcode.net
corporate.medicalagency.jp
www.mhs-gmbh.com
www.mifinejewelry.com
www.mobilecaraudio.net
www.moondungeon.com
cms.bardi.multichat.ai
www.my-namue.namue.co.jp
tracking.nanosoft.co.za
admin.ankityadav.net.in
technews.net.in
www.omnivia.com.br
auth.dev.pay.onewash.com.au
ariyalur.onewaytravels.in
www.p3rkstudios.com
packthathouse.com
management.pixelpros.nl
www.playcourtpiece.com
dindigul.primeonewaytaxi.in
www.pushbutton.help
recesin.jp
cms.redwood-group.co.za
rendk.com.br
captacao.rodenstock.com.br
schedulemaker.com
www.sircle.id
admin.skimentor.no
lei.sonice-aioe.com
www.sormincorp.com
link.surance-app.io
www.tagorepublicschool.in
taxhub.io
www.thecynicguy.com
www.tileora.com
kolpo.prev.timyst.com
simulator.uniconyx.com
www.urbancivic.in
vidmemory.com
vokolopriglu.virtualnibehy.cz
app.votetoearn.net
url.wakool.net
witnesstoolbox.org
demo.xplolog.com
Other domains in certificate