Open
Cached
·
just now
76/100
SECURITY SCORE
Detected Technologies
Certificate Information
Subject
CN=bayclub.it
Issuer
C=US, O=Let's Encrypt, CN=R13
Valid From
April 03, 2026
Valid Until
July 02, 2026
40 days
Public Key
RSA
4096 bit
Strong
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
16:59:E4:B9:42:E2:D2:2A:9B:F9:31:9C:73:4A:F5:CB:3E:FB:29:F5:98:8E:8B:0A:3D:56:33:46:94:25:16:7A
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Add Strict-Transport-Security header with max-age of at least 1 year
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
89 domains
pima.cc
*.pima.cc
*.alliedhealth.pima.cc
*.brown.pima.cc
*.sc.pima.cc
aberdeenasset.com.au
*.aberdeenasset.com.au
*.sandbox.aberdeenasset.com.au
*.ww17.aberdeenasset.com.au
*.ww25.aberdeenasset.com.au
*.ww38.aberdeenasset.com.au
*.admin.bayclub.it
*.app.bayclub.it
bayclub.it
*.bayclub.it
*.demo.bayclub.it
*.hostmaster.bayclub.it
*.www.bayclub.it
beadpalaceinc.com
*.beadpalaceinc.com
*.mail.beadpalaceinc.com
*.ww25.beadpalaceinc.com
*.ww38.beadpalaceinc.com
bestgor.com
*.bestgor.com
*.promo.bestgor.com
*.ww.bestgor.com
*.ww16.bestgor.com
*.ww17.bestgor.com
*.ww25.bestgor.com
*.ww8.bestgor.com
computerrecovery.au
*.computerrecovery.au
*.ildcard.computerrecovery.au
*.random.computerrecovery.au
*.ww16.computerrecovery.au
comsys.au
*.comsys.au
*.mailserver.comsys.au
*.adforum.consult.com.au
consult.com.au
*.consult.com.au
*.ctconsult.consult.com.au
*.dash.consult.com.au
*.global.consult.com.au
*.instant.consult.com.au
*.iris.consult.com.au
*.oakwood.consult.com.au
*.quberecruit.consult.com.au
*.ww16.consult.com.au
*.ww25.consult.com.au
*.ww38.consult.com.au
*.www.consult.com.au
joansfabrics.com
*.joansfabrics.com
*.com.litmos.au
litmos.au
*.litmos.au
*.pruexpert.litmos.au
*.prulife.litmos.au
*.prulifeuk.litmos.au
*.checkout.luxurycosmeticsvzla.com
*.cpanel.luxurycosmeticsvzla.com
luxurycosmeticsvzla.com
*.luxurycosmeticsvzla.com
*.m.luxurycosmeticsvzla.com
*.mail.luxurycosmeticsvzla.com
*.webdisk.luxurycosmeticsvzla.com
*.webmail.luxurycosmeticsvzla.com
*.whm.luxurycosmeticsvzla.com
pupsi.com.au
*.pupsi.com.au
*.mail.ruse.com.au
*.mailing.ruse.com.au
*.mx.ruse.com.au
ruse.com.au
*.ruse.com.au
*.ww11.ruse.com.au
*.ww25.ruse.com.au
*.a.validi.com
*.api.validi.com
*.bb.validi.com
*.ei.validi.com
*.qa.validi.com
*.test3.validi.com
validi.com
*.validi.com
xn--tanzbungen-deb.de
*.xn--tanzbungen-deb.de
Other domains in certificate