Open
Cached
·
just now
76/100
SECURITY SCORE
Detected Technologies
Certificate Information
Subject
CN=sebi.it
Issuer
C=US, O=Let's Encrypt, CN=YR2
Valid From
June 13, 2026
Valid Until
September 11, 2026
88 days
Public Key
RSA
4096 bit
Strong
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
C1:20:3D:B0:19:0C:C2:7E:08:D4:2E:1B:91:9B:EA:80:47:8F:83:B4:84:08:FA:97:2B:1C:7F:74:F6:4D:F6:21
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Add Strict-Transport-Security header with max-age of at least 1 year
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
89 domains
sebi.it
*.sebi.it
*.aniqmail.sebi.it
*.exch2016.sebi.it
*.exchange.sebi.it
*.exchangecorp.sebi.it
*.hostmaster.sebi.it
*.imap.sebi.it
*.intelligence.sebi.it
*.mail.sebi.it
*.mymail.sebi.it
*.outlook.sebi.it
*.rdweb.sebi.it
*.report.sebi.it
*.superset.sebi.it
*.ter.sebi.it
*.vpn5b.sebi.it
*.www.sebi.it
9min.xyz
*.9min.xyz
*.hostmaster.9min.xyz
*.mta-sts.9min.xyz
*.7f5eac45-d7f5-455b-b02e-60d3836fc8aa.secrets.bz
*.admin.secrets.bz
*.backend.secrets.bz
*.backup.secrets.bz
*.bransonsupply.secrets.bz
*.com.secrets.bz
*.cpanel.secrets.bz
*.cpcontacts.secrets.bz
*.data-beta.secrets.bz
*.data-poc.secrets.bz
*.demo.secrets.bz
*.dev.secrets.bz
*.development-ci.secrets.bz
*.drschneider.secrets.bz
*.exchange.secrets.bz
*.fcsprofessionals.secrets.bz
*.fyvoqjdl.secrets.bz
*.home.secrets.bz
*.hotfix.secrets.bz
*.iadore.secrets.bz
*.insight-development.secrets.bz
*.insightdevelopment.secrets.bz
*.jenkins-qa.secrets.bz
*.localhost.secrets.bz
*.mobile.secrets.bz
*.newjourneyclubhouse.secrets.bz
*.preview-analytics.secrets.bz
*.produzone-telechargement.secrets.bz
*.ruxjvinsightdevelopment.secrets.bz
secrets.bz
*.secrets.bz
*.sitemap.secrets.bz
*.staging.secrets.bz
*.static.secrets.bz
*.theprindleschool.secrets.bz
*.uat.secrets.bz
*.wap.secrets.bz
*.webdisk.secrets.bz
*.webmail.secrets.bz
*.whm.secrets.bz
*.yhzqvkbr.secrets.bz
*.api.tiku-badmosh.art
*.app.tiku-badmosh.art
*.df2dbbd2-425e-45aa-bac2-29080eee78d9.tiku-badmosh.art
*.mail.tiku-badmosh.art
tiku-badmosh.art
*.tiku-badmosh.art
*.admin.www-huawei.com
*.app.www-huawei.com
*.backup.www-huawei.com
*.d8174c62-1e99-491f-8e43-f96fc6705827.www-huawei.com
*.demo.www-huawei.com
*.dev.www-huawei.com
*.evolution.www-huawei.com
*.m.www-huawei.com
*.mail.www-huawei.com
*.members.www-huawei.com
*.pvyccm.www-huawei.com
*.remote.www-huawei.com
*.shop.www-huawei.com
*.test.www-huawei.com
*.uat.www-huawei.com
*.vpn.www-huawei.com
*.ww82.www-huawei.com
www-huawei.com
*.www-huawei.com
*.www.www-huawei.com
Other domains in certificate