SSL Certificate Analysis for remote.optfor.it - Security Grade & TLS Configuration

Open Cached · just now

76/100 SECURITY SCORE

Detected Technologies

See all in URL Inspect 1

Let's Encrypt

Certificate Information

Subject

CN=countrysports.it

Issuer

C=US, O=Let's Encrypt, CN=R12

Valid From

April 01, 2026

Valid Until

June 30, 2026 54 days

Public Key

RSA 4096 bit Strong

Signature Algorithm

SHA256-RSA

SHA-256 Fingerprint

6B:52:40:06:CF:C9:2E:A0:51:C3:71:D4:1F:23:49:B8:67:CD:42:67:55:8F:28:BA:52:19:D0:E2:C4:E1:6B:90

Alternative Names

89 domains

Security Configuration

TLS Protocols

TLS 1.2 TLS 1.3

Forward Secrecy

Supported (Modern clients use PFS)

HTTP Security Headers

Status

Strict-Transport-Security

Missing

Not configured

Content-Security-Policy

Missing

Not configured Analyze

Content-Security-Policy-Report-Only

Missing

Not configured Analyze

X-Frame-Options

Missing

Not configured

X-Content-Type-Options

Missing

Not configured

Referrer-Policy

Missing

Not configured

Permissions-Policy

Missing

Not configured

Recommendations

• Add Strict-Transport-Security header with max-age of at least 1 year
• Add Content-Security-Policy header to prevent XSS attacks
• Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
• Add X-Content-Type-Options: nosniff
• Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
• Consider adding Permissions-Policy to control browser features

CAA Records (Certificate Authority Authorization)

CAA Records

Not Configured (Any CA can issue certificates)

CAA Issues

• No CAA records configured - any CA can issue certificates

Recommendations

• Implement CAA records to restrict which CAs can issue certificates for your domain
• This adds an extra layer of security against unauthorized certificate issuance
• Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
• Consider adding 'iodef' record to receive security incident reports

Subject Alternative Names

89 domains

optfor.it *.optfor.it *.hostmaster.optfor.it *.remote.optfor.it

Other domains in certificate

awaft.com *.awaft.com *.hostmaster.awaft.com

*.admin.cedoazienda.com *.app.cedoazienda.com *.backend.cedoazienda.com cedoazienda.com *.cedoazienda.com *.chart.cedoazienda.com *.dashboard.cedoazienda.com *.metric.cedoazienda.com *.research.cedoazienda.com *.supersets.cedoazienda.com *.workflow.cedoazienda.com *.ww20.cedoazienda.com

*.bb.countrysports.it *.be.countrysports.it *.bp.countrysports.it countrysports.it *.countrysports.it *.cr.countrysports.it *.df.countrysports.it *.dj.countrysports.it *.dp.countrysports.it *.ei.countrysports.it *.mx.countrysports.it

*.admin.nursingprograms.guide *.api.nursingprograms.guide *.app.nursingprograms.guide *.assets.nursingprograms.guide *.b495de8c-9359-45fe-a7bf-7927ada42260.nursingprograms.guide *.cms.nursingprograms.guide *.demo.nursingprograms.guide *.dev.nursingprograms.guide *.hostmaster.nursingprograms.guide nursingprograms.guide *.nursingprograms.guide *.rustore.nursingprograms.guide *.www.nursingprograms.guide

*.hostmaster.oneword.it oneword.it *.oneword.it

*.he00g.pokerdom-crz9.xyz pokerdom-crz9.xyz *.pokerdom-crz9.xyz

*.379ddc59-fb15-4215-8b57-ca23d30c428f.prahran.co *.3g.prahran.co *.4185a9fe-a0d9-44fd-a8ff-8ed93e4db6f7.prahran.co *.a.prahran.co *.anzhuo.prahran.co *.app.prahran.co *.apps.prahran.co *.bbs.prahran.co *.beta.prahran.co *.cpanel.prahran.co *.demo.prahran.co *.emmbxwss.prahran.co *.fc53dcbf-3da8-4263-b13b-3ac9cc686cd4.prahran.co *.ftp.prahran.co *.imap.prahran.co *.info.prahran.co *.magento.prahran.co *.mail.prahran.co *.new.prahran.co *.office.prahran.co *.owa.prahran.co *.pay.prahran.co prahran.co *.prahran.co *.remote.prahran.co *.store.prahran.co *.support.prahran.co *.test.prahran.co *.ups.prahran.co *.wss.prahran.co *.ww12.prahran.co *.ww16.prahran.co *.ww6.prahran.co *.www.prahran.co

*.promo.ritecarinsurance.com ritecarinsurance.com *.ritecarinsurance.com *.start.ritecarinsurance.com *.travel.ritecarinsurance.com *.zmml.ritecarinsurance.com