SSL Certificate Analysis for dev.scarabei.it - Security Grade & TLS Configuration

Open Cached · just now

76/100 SECURITY SCORE

Detected Technologies

See all in URL Inspect 1

Let's Encrypt

Certificate Information

Subject

CN=wayingbi.com

Issuer

C=US, O=Let's Encrypt, CN=R13

Valid From

April 22, 2026

Valid Until

July 21, 2026 55 days

Public Key

RSA 4096 bit Strong

Signature Algorithm

SHA256-RSA

SHA-256 Fingerprint

1B:D4:DA:A1:7E:E2:0F:DD:92:26:65:23:3F:70:E7:CD:FF:82:85:7F:92:0B:71:A9:B7:1B:DB:BC:81:34:30:3D

Alternative Names

90 domains

Security Configuration

TLS Protocols

TLS 1.2 TLS 1.3

Forward Secrecy

Supported (Modern clients use PFS)

HTTP Security Headers

Status

Strict-Transport-Security

Missing

Not configured

Content-Security-Policy

Missing

Not configured Analyze

Content-Security-Policy-Report-Only

Missing

Not configured Analyze

X-Frame-Options

Missing

Not configured

X-Content-Type-Options

Missing

Not configured

Referrer-Policy

Missing

Not configured

Permissions-Policy

Missing

Not configured

Recommendations

• Add Strict-Transport-Security header with max-age of at least 1 year
• Add Content-Security-Policy header to prevent XSS attacks
• Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
• Add X-Content-Type-Options: nosniff
• Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
• Consider adding Permissions-Policy to control browser features

CAA Records (Certificate Authority Authorization)

CAA Records

Not Configured (Any CA can issue certificates)

CAA Issues

• No CAA records configured - any CA can issue certificates

Recommendations

• Implement CAA records to restrict which CAs can issue certificates for your domain
• This adds an extra layer of security against unauthorized certificate issuance
• Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
• Consider adding 'iodef' record to receive security incident reports

Subject Alternative Names

90 domains

scarabei.it *.scarabei.it *.admin.scarabei.it *.app.scarabei.it *.dev.scarabei.it *.notexistsowa.scarabei.it *.owa.scarabei.it

Other domains in certificate

dentetubarao.com.br *.dentetubarao.com.br *.ww17.dentetubarao.com.br

educationdevelopment.org *.educationdevelopment.org *.vpn.educationdevelopment.org

*.beach.fdpnudeart.com *.betis.fdpnudeart.com fdpnudeart.com *.fdpnudeart.com *.forum.fdpnudeart.com *.gallery.fdpnudeart.com *.models.fdpnudeart.com *.nonam.fdpnudeart.com *.ww25.fdpnudeart.com

iwot.com *.iwot.com *.ko.iwot.com

*.ebay.kidsplaylearn.com *.hostmaster.kidsplaylearn.com kidsplaylearn.com *.kidsplaylearn.com *.www.kidsplaylearn.com

*.email.ktrak.es ktrak.es *.ktrak.es *.ww25.ktrak.es

*.animals-travel.loyalbahisz.com *.bamboo.loyalbahisz.com loyalbahisz.com *.loyalbahisz.com *.onex.loyalbahisz.com *.pecom.loyalbahisz.com *.pruuyblablacar.loyalbahisz.com *.sample.loyalbahisz.com

*.api.luxapartmenuptss.com luxapartmenuptss.com *.luxapartmenuptss.com *.portal.luxapartmenuptss.com

paremia.org *.paremia.org *.ww25.paremia.org

*.blog.rushflooring.com *.hrm.rushflooring.com *.pro.rushflooring.com *.qa.rushflooring.com rushflooring.com *.rushflooring.com *.sandbox.rushflooring.com *.staging.rushflooring.com *.tr.rushflooring.com *.v3.rushflooring.com

*.app.scambiocase.it *.dashboards.scambiocase.it *.notexistsdev.scambiocase.it scambiocase.it *.scambiocase.it *.superset.scambiocase.it

*.antispam.shoppersdrugmar.ca *.members.shoppersdrugmar.ca *.mta.shoppersdrugmar.ca shoppersdrugmar.ca *.shoppersdrugmar.ca *.ww25.shoppersdrugmar.ca

*.cd.tawise.com *.enrollments.tawise.com *.net.tawise.com *.shop.tawise.com *.support.tawise.com tawise.com *.tawise.com *.ww25.tawise.com

*.m.wayingbi.com wayingbi.com *.wayingbi.com

*.cn.www-338.com *.com.www-338.com *.comwww.www-338.com *.miaomi.www-338.com *.net.www-338.com *.top.www-338.com www-338.com *.www-338.com