Open
Cached
·
just now
76/100
SECURITY SCORE
Detected Technologies
Certificate Information
Subject
CN=constantine.it
Issuer
C=US, O=Let's Encrypt, CN=R12
Valid From
May 20, 2026
Valid Until
August 18, 2026
58 days
Public Key
RSA
4096 bit
Strong
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
46:19:49:12:80:3A:CE:41:36:90:57:81:A2:79:0F:80:F0:5D:13:02:77:F8:0E:C6:2C:11:0F:76:84:D7:95:8C
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Add Strict-Transport-Security header with max-age of at least 1 year
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
87 domains
grimi.it
*.grimi.it
*.dev.grimi.it
*.hostmaster.grimi.it
3music.app
*.3music.app
*.analytic.3music.app
*.explore.3music.app
*.qa.3music.app
*.reporting.3music.app
*.staging.3music.app
*.uat.3music.app
*.visualization.3music.app
*.ww25.3music.app
aboutthefit.it
*.aboutthefit.it
abruzzocasa.it
*.abruzzocasa.it
affittodominio.it
*.affittodominio.it
cjnp.com
*.cjnp.com
*.jennyshannon-davidalvarado.cjnp.com
*.munozterri-cstevens.cjnp.com
*.victorcook-jlawrence.cjnp.com
*.ww25.cjnp.com
*.ww38.cjnp.com
constantine.it
*.constantine.it
cony.it
*.cony.it
*.cs.cony.it
erzey.com
*.erzey.com
*.img1-fg.erzey.com
*.wswin10xiazai.erzey.com
*.287337d3-ca48-4861-b280-40076b6d5a70.ffastener.com
*.3b037d8a-55a6-447b-a6f9-bbaeda6048c2.ffastener.com
*.96ca528b-2757-4994-a378-fad0f854abbc.ffastener.com
*.9c62f1a9-d0eb-4b42-9bc0-f919de87c9a5.ffastener.com
*.a.ffastener.com
*.access.ffastener.com
*.admin.ffastener.com
*.anyconnect.ffastener.com
*.api.ffastener.com
*.app.ffastener.com
*.apps.ffastener.com
*.assets.ffastener.com
*.b9fb310f-ad67-4dd4-a9f2-50388744933a.ffastener.com
*.blog.ffastener.com
*.cloud.ffastener.com
*.demo.ffastener.com
*.dev.ffastener.com
*.e38dd786-3d8b-4e02-89ee-ef920fb11bd3.ffastener.com
*.extranet.ffastener.com
ffastener.com
*.ffastener.com
*.gateway.ffastener.com
*.kb.ffastener.com
*.m.ffastener.com
*.mail.ffastener.com
*.marketing.ffastener.com
*.msk.ffastener.com
*.mta-sts.ffastener.com
*.oesuxknf.ffastener.com
*.owa.ffastener.com
*.pkpqgv1.ffastener.com
*.portal.ffastener.com
*.rd.ffastener.com
*.rds.ffastener.com
*.rdweb.ffastener.com
*.remote.ffastener.com
*.smtp.ffastener.com
*.stg.ffastener.com
*.ufa.ffastener.com
*.vpn.ffastener.com
*.ww12.ffastener.com
*.ww2.ffastener.com
*.img1-fg.kmxhr.com
kmxhr.com
*.kmxhr.com
*.ww25.kmxhr.com
*.git.thesisters.co.uk
*.mail.thesisters.co.uk
*.sitemaps.thesisters.co.uk
thesisters.co.uk
*.thesisters.co.uk
Other domains in certificate