DNS Gurus
Cached · just now
76/100 SECURITY SCORE

Detected Technologies

See all in URL Inspect 1
Let's Encrypt logo Let's Encrypt

Certificate Information

Subject
CN=alb.it
Issuer
C=US, O=Let's Encrypt, CN=R12
Valid From
April 11, 2026
Valid Until
July 10, 2026 30 days
Public Key
RSA 4096 bit Strong
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
FB:A9:61:B7:F6:3C:D1:F1:8B:AD:8E:80:77:FA:17:21:30:F5:24:89:B0:95:A1:42:75:DD:D8:5F:C8:ED:32:95
Alternative Names
89 domains

Security Configuration

TLS Protocols
TLS 1.2 TLS 1.3
Forward Secrecy
Supported (Modern clients use PFS)

HTTP Security Headers

Status
Strict-Transport-Security
Missing
Not configured
Content-Security-Policy
Missing
Not configured Analyze
Content-Security-Policy-Report-Only
Missing
Not configured Analyze
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
  • Add Strict-Transport-Security header with max-age of at least 1 year
  • Add Content-Security-Policy header to prevent XSS attacks
  • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
  • Add X-Content-Type-Options: nosniff
  • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
  • Consider adding Permissions-Policy to control browser features

CAA Records (Certificate Authority Authorization)

CAA Records
Not Configured (Any CA can issue certificates)
CAA Issues
  • No CAA records configured - any CA can issue certificates
Recommendations
  • Implement CAA records to restrict which CAs can issue certificates for your domain
  • This adds an extra layer of security against unauthorized certificate issuance
  • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
  • Consider adding 'iodef' record to receive security incident reports

Subject Alternative Names

89 domains
alb.it *.alb.it *.7d.alb.it *.avv.alb.it *.desktop.alb.it *.dev.alb.it *.hostmaster.alb.it *.mx.alb.it *.rdweb.alb.it *.webmail.alb.it

Other domains in certificate

capao.it *.capao.it
*.1.gemucel.com *.admin.gemucel.com *.ai.gemucel.com *.api.gemucel.com *.app.gemucel.com *.argo.gemucel.com *.b664237e-fba8-43e2-8823-2c5541849c5b.gemucel.com *.b8222d3e-71b8-4e55-9c87-b367d6516748.gemucel.com *.backend.gemucel.com *.backup.gemucel.com *.bfe0f00c-837e-4dbc-95c5-52d10f3d7d00.gemucel.com *.board.gemucel.com *.brddlprod.gemucel.com *.console.gemucel.com *.dashboard.gemucel.com *.demo.gemucel.com *.dev.gemucel.com *.dns.gemucel.com *.e8b4ad7d-d6bb-42e2-9391-f81a7d48ef05.gemucel.com *.ekb.gemucel.com *.exchangecorp.gemucel.com *.f4a48e7c-0efb-46d4-8681-dc1b8f5c53fe.gemucel.com *.flow.gemucel.com gemucel.com *.gemucel.com *.hotfix-flowiseai.gemucel.com *.intelligence.gemucel.com *.internal.gemucel.com *.m.gemucel.com *.members.gemucel.com *.mx7.gemucel.com *.nrkuxportal.gemucel.com *.nszbdm.gemucel.com *.portal.gemucel.com *.prod.gemucel.com *.qsswgstore.gemucel.com *.recette.gemucel.com *.redash.gemucel.com *.remote.gemucel.com *.report.gemucel.com *.shop.gemucel.com *.staging.gemucel.com *.status.gemucel.com *.store.gemucel.com *.summary.gemucel.com *.superset.gemucel.com *.test.gemucel.com *.uat.gemucel.com *.vpn.gemucel.com *.webvpn.gemucel.com *.workflow.gemucel.com *.ww1.gemucel.com *.www.gemucel.com
*.9f45d8c9-5cff-43df-a4f3-5dcce9ac0116.qufute.com *.a731b0b5-94bc-4e4d-ab20-0f83f7c9cc41.qufute.com *.admin.qufute.com *.api.qufute.com *.app.qufute.com *.blog.qufute.com *.cloud.qufute.com *.demo.qufute.com *.dev.qufute.com *.f0c53195-8874-4a46-a1da-71c80b7e72a0.qufute.com *.fa2f1dd6-2826-492e-a17e-26d10658e76d.qufute.com *.hostmaster.qufute.com *.lms.qufute.com *.m.qufute.com *.members.qufute.com *.my.qufute.com qufute.com *.qufute.com *.rd.qufute.com *.rdweb.qufute.com *.remote.qufute.com *.rrbvvcloud.qufute.com *.test.qufute.com *.vpn.qufute.com