Open
Cached
·
just now
76/100
SECURITY SCORE
Detected Technologies
Certificate Information
Subject
CN=toscan.it
Issuer
C=US, O=Let's Encrypt, CN=R13
Valid From
April 11, 2026
Valid Until
July 10, 2026
35 days
Public Key
RSA
4096 bit
Strong
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
2D:64:E9:51:7F:93:79:94:14:7A:40:7F:2F:5C:3B:1F:E6:E1:83:8F:43:69:41:62:97:FF:71:CD:B4:F4:ED:84
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Add Strict-Transport-Security header with max-age of at least 1 year
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
90 domains
toscan.it
*.toscan.it
*.ao-pisa.toscan.it
*.aou-careggi.toscan.it
*.art.toscan.it
*.artea.toscan.it
*.asf.toscan.it
*.centro.toscan.it
*.chart.toscan.it
*.demo.toscan.it
*.estar.toscan.it
*.it.toscan.it
*.mail.toscan.it
*.mx.toscan.it
*.qmdsimail.toscan.it
*.regione.toscan.it
*.rete.toscan.it
*.sanita.toscan.it
*.servizi.toscan.it
*.srr.toscan.it
*.ssr.toscan.it
*.uslcentro.toscan.it
agenticboat.com
*.agenticboat.com
*.www.agenticboat.com
assetti.it
*.assetti.it
*.hostmaster.assetti.it
*.isol.assetti.it
*.aduonvshengzhitu.fbtcw.cn
*.atsyxld.fbtcw.cn
fbtcw.cn
*.fbtcw.cn
*.fqjhzxmfav.fbtcw.cn
*.oumeimeinvyingpian.fbtcw.cn
*.rtysu.fbtcw.cn
*.t7wrl.fbtcw.cn
*.wxswjsmn.fbtcw.cn
*.yangmidian.fbtcw.cn
*.yangshangkun.fbtcw.cn
*.chat.github-free.com
*.copilot.github-free.com
github-free.com
*.github-free.com
*.gpt-api.github-free.com
*.user.github-free.com
*.auth1.jasatama.com
*.cloud.jasatama.com
jasatama.com
*.jasatama.com
*.jayabaruna-depot.jasatama.com
*.login.jasatama.com
*.mail.jasatama.com
*.random.jasatama.com
*.rd.jasatama.com
*.sby.jasatama.com
*.security.jasatama.com
*.start.jasatama.com
*.start1.jasatama.com
*.vdi.jasatama.com
*.vdi2.jasatama.com
*.virtualaccess2.jasatama.com
*.vpn1.jasatama.com
*.web2.jasatama.com
*.webvpn.jasatama.com
*.wildcard.jasatama.com
*.ww16.jasatama.com
*.ww17.jasatama.com
*.ww38.jasatama.com
*.07a5a62975bf.kufland.pl
*.4c448efa-606c-45ca-a92d-07a5a62975bf.kufland.pl
*.cloud.kufland.pl
*.d6c52ee7-fb54-4d4a-9cfa-448e96d4530e.kufland.pl
*.dxqtqww41.kufland.pl
*.hostmaster.kufland.pl
kufland.pl
*.kufland.pl
*.remote.kufland.pl
*.sklep.kufland.pl
*.v2.kufland.pl
*.ww35.kufland.pl
*.www.kufland.pl
*.wwww.kufland.pl
nails-anna.com
*.nails-anna.com
*.ww25.nails-anna.com
*.api.queenx.org
*.mail.queenx.org
queenx.org
*.queenx.org
Other domains in certificate