Open
Cached
·
just now
76/100
SECURITY SCORE
Detected Technologies
Certificate Information
Subject
CN=idrainstitute.org
Issuer
C=US, O=Let's Encrypt, CN=R12
Valid From
April 10, 2026
Valid Until
July 09, 2026
49 days
Public Key
RSA
4096 bit
Strong
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
B9:D6:7A:28:14:7D:F0:50:55:D3:A8:4C:B4:CF:B3:67:17:4C:2B:DC:35:E1:BF:B1:76:08:47:6C:F9:E3:3E:18
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Add Strict-Transport-Security header with max-age of at least 1 year
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
90 domains
idrainstitute.org
*.idrainstitute.org
*.access.inlove.it
*.admin.inlove.it
*.analytics.inlove.it
*.api.inlove.it
*.apps.inlove.it
*.autoconfig.inlove.it
*.desktop.inlove.it
*.eposta.inlove.it
*.exch2016.inlove.it
*.hostmaster.inlove.it
inlove.it
*.inlove.it
*.intelligence.inlove.it
*.mail.inlove.it
*.mail1.inlove.it
*.mywebmail.inlove.it
*.newmail2013.inlove.it
*.ogrencieposta.inlove.it
*.outlook.inlove.it
*.pop3.inlove.it
*.smtp.inlove.it
*.ssl.inlove.it
*.sslvpn.inlove.it
*.staging.inlove.it
*.superset.inlove.it
*.vpn.inlove.it
*.webmail.inlove.it
*.63a86703-7d2a-447d-bc9d-fd325aae81dd.securaserve.com
*.89a47927-0a7c-4b17-b654-b39d8685c443.securaserve.com
*.admin.securaserve.com
*.api.securaserve.com
*.app.securaserve.com
*.assets.securaserve.com
*.autodiscover.securaserve.com
*.backup.securaserve.com
*.cwrugpni.securaserve.com
*.dashboard.securaserve.com
*.demo.securaserve.com
*.dev.securaserve.com
*.email.securaserve.com
*.extranet.securaserve.com
*.hostmaster.securaserve.com
*.m.securaserve.com
*.mailer.securaserve.com
*.marketing.securaserve.com
*.qa.securaserve.com
securaserve.com
*.securaserve.com
*.secure.securaserve.com
*.staging.securaserve.com
*.stg.securaserve.com
*.test.securaserve.com
*.uat.securaserve.com
*.v1.securaserve.com
*.v2.securaserve.com
*.vpn.securaserve.com
*.web.securaserve.com
*.webmail.securaserve.com
*.webvpn.securaserve.com
*.server.tenscopeworksuite.com
tenscopeworksuite.com
*.tenscopeworksuite.com
*.vps.tenscopeworksuite.com
*.80521b83-53d2-4f1b-b9a9-4b66c3a41715.tourofthelakelsi.com
*.963485c4-0c97-4b7e-be47-63fe2c961622.tourofthelakelsi.com
*.admin.tourofthelakelsi.com
*.api.tourofthelakelsi.com
*.app.tourofthelakelsi.com
*.assets.tourofthelakelsi.com
*.demo.tourofthelakelsi.com
*.dev.tourofthelakelsi.com
*.hostmaster.tourofthelakelsi.com
*.parked.tourofthelakelsi.com
*.rd.tourofthelakelsi.com
*.rds.tourofthelakelsi.com
*.rdweb.tourofthelakelsi.com
*.remote.tourofthelakelsi.com
*.shop.tourofthelakelsi.com
*.test.tourofthelakelsi.com
tourofthelakelsi.com
*.tourofthelakelsi.com
*.vpn.tourofthelakelsi.com
*.www.tourofthelakelsi.com
*.86fa10d0-46d3-4098-aa83-047999b47638.weareufc.com
*.b6c170e6-b001-4b7f-a832-8aeacf7b60bf.weareufc.com
*.staging.weareufc.com
weareufc.com
*.weareufc.com
Other domains in certificate