Open
Cached
·
just now
76/100
SECURITY SCORE
Detected Technologies
Certificate Information
Subject
CN=palazzoducale.it
Issuer
C=US, O=Let's Encrypt, CN=R13
Valid From
March 13, 2026
Valid Until
June 11, 2026
45 days
Public Key
RSA
4096 bit
Strong
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
B8:F9:3B:AB:5E:42:42:80:D5:DA:93:E8:9B:44:88:92:F8:84:82:E2:90:29:A6:FF:AA:08:61:0C:EA:65:79:44
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Add Strict-Transport-Security header with max-age of at least 1 year
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
90 domains
orra.it
*.orra.it
*.auto.orra.it
*.dashboards.orra.it
*.la-m.orra.it
*.lacam.orra.it
*.metric.orra.it
*.profm.orra.it
15kmliegemetropole.com
*.15kmliegemetropole.com
*.cms.15kmliegemetropole.com
789au.club
*.789au.club
*.admin.789au.club
*.sitemap.789au.club
*.sitemaps.789au.club
*.ww25.789au.club
*.ww38.789au.club
auditechliterature.com
*.auditechliterature.com
*.wildcard.auditechliterature.com
*.admin.autumn.best
*.amdolekic.autumn.best
*.api.autumn.best
*.app.autumn.best
*.assets.autumn.best
autumn.best
*.autumn.best
*.backup.autumn.best
*.dan.autumn.best
*.demo.autumn.best
*.dolekic.autumn.best
*.e464e42a-b499-4126-878c-59ae399fbda2.autumn.best
*.fcaea936-76c1-4baf-8cc3-5f098ab95275.autumn.best
*.hostmaster.autumn.best
*.m.autumn.best
*.one.autumn.best
*.remote.autumn.best
*.staging.autumn.best
*.test.autumn.best
*.uat.autumn.best
*.www.autumn.best
*.backend.casinoline.bet
casinoline.bet
*.casinoline.bet
deutschhe-rentenversicherung.de
*.deutschhe-rentenversicherung.de
getcrunch.co
*.getcrunch.co
*.dev.kalebcooper.meme
*.host.kalebcooper.meme
kalebcooper.meme
*.kalebcooper.meme
*.www1.kalebcooper.meme
*.ygugastatus.kalebcooper.meme
lionelmessi.it
*.lionelmessi.it
*.mail2.lionelmessi.it
*.admin.marinadelreymusic.com
*.api.marinadelreymusic.com
*.demo.marinadelreymusic.com
marinadelreymusic.com
*.marinadelreymusic.com
*.staging.marinadelreymusic.com
*.www.marinadelreymusic.com
*.dev.palazzoducale.it
*.exchange.palazzoducale.it
palazzoducale.it
*.palazzoducale.it
quarterlounge.co.uk
*.quarterlounge.co.uk
*.pixel.seducaoacima.com
seducaoacima.com
*.seducaoacima.com
*.ww38.seducaoacima.com
*.autodiscover.toystorymoo.com
*.ftp.toystorymoo.com
toystorymoo.com
*.toystorymoo.com
*.www.toystorymoo.com
waveopps.com
*.waveopps.com
wealth100.com.au
*.wealth100.com.au
*.random.xn--6-9y5er5c06j8cr02blwq4a740gq5nvkm1qb4xo.com
*.ww25.xn--6-9y5er5c06j8cr02blwq4a740gq5nvkm1qb4xo.com
xn--6-9y5er5c06j8cr02blwq4a740gq5nvkm1qb4xo.com
*.xn--6-9y5er5c06j8cr02blwq4a740gq5nvkm1qb4xo.com
yeson1ca.com
*.yeson1ca.com
Other domains in certificate