Open
Cached
·
just now
76/100
SECURITY SCORE
Detected Technologies
Certificate Information
Subject
CN=lifehealth.it
Issuer
C=US, O=Let's Encrypt, CN=R13
Valid From
April 17, 2026
Valid Until
July 16, 2026
46 days
Public Key
RSA
4096 bit
Strong
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
71:88:32:88:24:0B:16:59:86:3A:31:A4:59:8A:A8:65:66:78:FF:E7:39:5D:8C:83:42:9A:29:2F:DF:12:F1:5C
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Add Strict-Transport-Security header with max-age of at least 1 year
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
90 domains
borracce.com
*.borracce.com
*.analytic.borracce.com
*.api.borracce.com
*.app.borracce.com
*.argo.borracce.com
*.backend.borracce.com
*.bi.borracce.com
*.bigdata.borracce.com
*.board.borracce.com
*.dash.borracce.com
*.dashboard.borracce.com
*.dashs.borracce.com
*.demo.borracce.com
*.hostmaster.borracce.com
*.intelligence.borracce.com
*.internal.borracce.com
*.mail.borracce.com
*.mail2.borracce.com
*.metric.borracce.com
*.notexistsapi.borracce.com
*.redash.borracce.com
*.report.borracce.com
*.research.borracce.com
*.status.borracce.com
*.superset.borracce.com
*.supersets.borracce.com
*.workflow.borracce.com
*.ww42.borracce.com
carsecurity.it
*.carsecurity.it
*.random.carsecurity.it
*.backup.crypticexpanse.quest
crypticexpanse.quest
*.crypticexpanse.quest
*.domaincontroller.crypticexpanse.quest
*.ftpd.crypticexpanse.quest
*.login.crypticexpanse.quest
*.mx0.crypticexpanse.quest
*.mx02.crypticexpanse.quest
*.postman.crypticexpanse.quest
*.search.crypticexpanse.quest
*.ssh.crypticexpanse.quest
*.status.crypticexpanse.quest
*.vpn1.crypticexpanse.quest
*.web0.crypticexpanse.quest
*.ww02.crypticexpanse.quest
*.ww2.crypticexpanse.quest
halcyonliving.co.uk
*.halcyonliving.co.uk
*.mail.halcyonliving.co.uk
holister.ca
*.holister.ca
*.api.lifehealth.it
*.app.lifehealth.it
*.dashboards.lifehealth.it
*.demo.lifehealth.it
*.hostmaster.lifehealth.it
lifehealth.it
*.lifehealth.it
*.owa.lifehealth.it
*.remote.lifehealth.it
*.reporting.lifehealth.it
*.reports.lifehealth.it
*.staging.lifehealth.it
*.api.maresconstruction.com
*.mail.maresconstruction.com
maresconstruction.com
*.maresconstruction.com
*.test.maresconstruction.com
*.1l5n.nxxfzl.cn
*.bjxxtmr.nxxfzl.cn
nxxfzl.cn
*.nxxfzl.cn
*.u5lu34.nxxfzl.cn
*.w5.nxxfzl.cn
*.yfk.nxxfzl.cn
*.zejnh.nxxfzl.cn
*.39ir6.stratboost.xyz
*.4qwa0.stratboost.xyz
*.89wkp.stratboost.xyz
*.i51qg.stratboost.xyz
*.kp5po.stratboost.xyz
*.qakt3.stratboost.xyz
*.qdiek.stratboost.xyz
stratboost.xyz
*.stratboost.xyz
*.tzygd.stratboost.xyz
*.vhakn.stratboost.xyz
*.yhue2.stratboost.xyz
Other domains in certificate