Open
Cached
·
just now
76/100
SECURITY SCORE
Detected Technologies
Certificate Information
Subject
CN=ancestors.it
Issuer
C=US, O=Let's Encrypt, CN=R12
Valid From
February 04, 2026
Valid Until
May 05, 2026
75 days
Public Key
RSA
4096 bit
Strong
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
52:EF:5A:EB:49:7D:D3:74:B3:F0:7F:C5:77:26:A4:EF:C2:85:C0:97:C8:1A:DA:8C:BD:F2:B3:45:E7:01:2B:F1
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Add Strict-Transport-Security header with max-age of at least 1 year
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
89 domains
centrogioco.it
*.centrogioco.it
an0upk.top
*.an0upk.top
ancestors.it
*.ancestors.it
anyphone.it
*.anyphone.it
aplusadvertisinglimited.com
*.aplusadvertisinglimited.com
appro.ai
*.appro.ai
aramb.sbs
*.aramb.sbs
artfulvisionaries.cfd
*.artfulvisionaries.cfd
assicurazionicasa.it
*.assicurazionicasa.it
athensanimalclinic.net
*.athensanimalclinic.net
attn.it
*.attn.it
aurorawelltop.com
*.aurorawelltop.com
balde.it
*.balde.it
bancaislamica.it
*.bancaislamica.it
bestcreditcards.it
*.bestcreditcards.it
bet5577.pro
*.bet5577.pro
betfbgs.cyou
*.betfbgs.cyou
beverlyhillsfirm.com
*.beverlyhillsfirm.com
bicyclehelmets.it
*.bicyclehelmets.it
biscottiartigianali.it
*.biscottiartigianali.it
boatrace.it
*.boatrace.it
boldsportvision.cfd
*.boldsportvision.cfd
booksguidevoyage.xyz
*.booksguidevoyage.xyz
borealupbloom.com
*.borealupbloom.com
botqik.com
*.botqik.com
boystomenistry.com
*.boystomenistry.com
brbet.live
*.brbet.live
bresimo.it
*.bresimo.it
bus4dgo.com
*.bus4dgo.com
calderas-calefaccion-gas.cfd
*.calderas-calefaccion-gas.cfd
cardas.it
*.cardas.it
caribev.lat
*.caribev.lat
carwashing.it
*.carwashing.it
cerbo.it
*.cerbo.it
cinememe.it
*.cinememe.it
civilbank.it
*.civilbank.it
claras.it
*.claras.it
coko.it
*.coko.it
colorclass.it
*.colorclass.it
colornails.it
*.colornails.it
completini.it
*.completini.it
cortefranca.it
*.cortefranca.it
creativeartjourney.sbs
*.creativeartjourney.sbs
*.backend.myreal.it
myreal.it
*.myreal.it
Other domains in certificate