SSL Certificate Analysis for docspizza.com - Security Grade & TLS Configuration

Detected Technologies

See all in URL Inspect 1

Let's Encrypt

Certificate Information

Subject

CN=salonicon.xyz

Issuer

C=US, O=Let's Encrypt, CN=R12

Valid From

January 14, 2026

Valid Until

April 14, 2026 57 days

Public Key

RSA 4096 bit Strong

Signature Algorithm

SHA256-RSA

SHA-256 Fingerprint

3B:8B:19:1E:70:AF:9C:3A:5F:79:E6:0F:A3:6C:29:34:75:86:89:25:23:B9:24:42:CC:96:AD:E9:88:A0:82:84

Alternative Names

90 domains

Security Configuration

TLS Protocols

TLS 1.2 TLS 1.3

Forward Secrecy

Supported (Modern clients use PFS)

HTTP Security Headers

Status

Strict-Transport-Security

Missing

Not configured

Content-Security-Policy

Missing

Not configured

X-Frame-Options

Missing

Not configured

X-Content-Type-Options

Missing

Not configured

Referrer-Policy

Missing

Not configured

Permissions-Policy

Missing

Not configured

Recommendations

• Add Strict-Transport-Security header with max-age of at least 1 year
• Add Content-Security-Policy header to prevent XSS attacks
• Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
• Add X-Content-Type-Options: nosniff
• Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
• Consider adding Permissions-Policy to control browser features

CAA Records (Certificate Authority Authorization)

CAA Records

Not Configured (Any CA can issue certificates)

CAA Issues

• No CAA records configured - any CA can issue certificates

Recommendations

• Implement CAA records to restrict which CAs can issue certificates for your domain
• This adds an extra layer of security against unauthorized certificate issuance
• Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
• Consider adding 'iodef' record to receive security incident reports

Subject Alternative Names

90 domains

docspizza.com *.docspizza.com *.ww38.docspizza.com

Other domains in certificate

19servicecenter.com *.19servicecenter.com *.allegis.19servicecenter.com *.com.19servicecenter.com

aaj.uk *.aaj.uk *.demo.aaj.uk *.dev.aaj.uk *.magento.aaj.uk *.shop.aaj.uk *.store.aaj.uk *.test.aaj.uk

akhbartak.com *.akhbartak.com *.eng.akhbartak.com *.news.akhbartak.com *.usa.akhbartak.com *.ww25.akhbartak.com *.ww38.akhbartak.com

bodypri.com *.bodypri.com *.zh-cn.bodypri.com *.zh-tw.bodypri.com

carsdurect.com *.carsdurect.com

cefcocareers.com *.cefcocareers.com *.dns.cefcocareers.com *.hostmaster.cefcocareers.com *.mx7.cefcocareers.com

kch.com.pl *.kch.com.pl

createbasic.com *.createbasic.com *.survey.createbasic.com

cruncgyroll.com *.cruncgyroll.com

*.byby.dive7s.com dive7s.com *.dive7s.com *.random.dive7s.com *.ww25.dive7s.com *.yjsc.dive7s.com

*.book.heritageoaksrvp.com *.ftp.heritageoaksrvp.com heritageoaksrvp.com *.heritageoaksrvp.com

kiski-24.online *.kiski-24.online *.ww38.kiski-24.online

minecraft-mods.eu *.minecraft-mods.eu

*.hostmaster.ryebuydirect.com ryebuydirect.com *.ryebuydirect.com *.ww25.ryebuydirect.com

salonicon.xyz *.salonicon.xyz

*.archivio.stato.it *.archiviodistatoricerca.stato.it *.avvocatura.stato.it *.c1.stato.it *.di.stato.it *.dj.stato.it *.fielmann.stato.it *.milanocitta.stato.it *.ni.stato.it *.polizadi.stato.it *.polizia.stato.it *.poliziad.stato.it *.poliziadi.stato.it *.random.stato.it *.staging.stato.it stato.it *.stato.it *.zecca.stato.it

*.hostmaster.thrombozytose.de thrombozytose.de *.thrombozytose.de

toptenautoinsurance.com *.toptenautoinsurance.com

*.m.tricorental.com *.testing.tricorental.com tricorental.com *.tricorental.com

true89.com *.true89.com