Security Score: 87/100
Detected Technologies
Certificate Information
Subject: C=IT, ST=Milano, L=Milano, O=Luxottica Group S.p.A., CN=backend.luxottica.com
Issuer: C=US, O=DigiCert Inc, CN=DigiCert Global G3 TLS ECC SHA384 2020 CA1
Valid From: November 14, 2025
Valid Until: May 19, 2026 (86 days)
Public Key: ECDSA, 256 bit (P-256), Adequate
Signature Algorithm: ECDSA-SHA384
SHA-256 Fingerprint: 03:42:B9:9B:EF:8F:A9:26:48:F2:71:5B:41:C5:4F:E4:8A:4B:4E:80:6D:B6:76:23:CF:A8:08:AC:D1:BF:35:9C
Alternative Names
Security Configuration
TLS Protocols: TLS 1.2, TLS 1.3
Forward Secrecy: Supported (Modern clients use PFS)
HTTP Security Headers
Strict-Transport-Security: Excellent (max-age=31536000; includeSubDomains; preload)
X-Frame-Options: Excellent (Deny)
X-Content-Type-Options: Good (nosniff)
Referrer-Policy: Missing (Not configured)
Permissions-Policy: Missing (Not configured)
Recommendations
- Significantly strengthen CSP directives
- Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records: Not Configured (Any CA can issue certificates)
CAA Issues
- No CAA records configured - any CA can issue certificates
Recommendations
- Implement CAA records to restrict which CAs can issue certificates for your domain
- This adds an extra layer of security against unauthorized certificate issuance
- Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
69 domains