SSL Certificate Analysis for staging.furman.it - Security Grade & TLS Configuration

Open Cached · just now

76/100 SECURITY SCORE

Detected Technologies

See all in URL Inspect 1

Let's Encrypt

Certificate Information

Subject

CN=policeman.au

Issuer

C=US, O=Let's Encrypt, CN=R13

Valid From

April 01, 2026

Valid Until

June 30, 2026 40 days

Public Key

RSA 4096 bit Strong

Signature Algorithm

SHA256-RSA

SHA-256 Fingerprint

D8:2A:AD:D5:1C:66:40:16:0E:1A:AE:8A:01:5A:0F:5D:47:F2:FD:CC:7E:18:3C:C8:57:D5:BE:C0:EA:D6:3F:4E

Alternative Names

87 domains

Security Configuration

TLS Protocols

TLS 1.2 TLS 1.3

Forward Secrecy

Supported (Modern clients use PFS)

HTTP Security Headers

Status

Strict-Transport-Security

Missing

Not configured

Content-Security-Policy

Missing

Not configured Analyze

Content-Security-Policy-Report-Only

Missing

Not configured Analyze

X-Frame-Options

Missing

Not configured

X-Content-Type-Options

Missing

Not configured

Referrer-Policy

Missing

Not configured

Permissions-Policy

Missing

Not configured

Recommendations

• Add Strict-Transport-Security header with max-age of at least 1 year
• Add Content-Security-Policy header to prevent XSS attacks
• Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
• Add X-Content-Type-Options: nosniff
• Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
• Consider adding Permissions-Policy to control browser features

CAA Records (Certificate Authority Authorization)

CAA Records

Not Configured (Any CA can issue certificates)

CAA Issues

• No CAA records configured - any CA can issue certificates

Recommendations

• Implement CAA records to restrict which CAs can issue certificates for your domain
• This adds an extra layer of security against unauthorized certificate issuance
• Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
• Consider adding 'iodef' record to receive security incident reports

Subject Alternative Names

87 domains

furman.it *.furman.it *.app.furman.it *.backend.furman.it *.staging.furman.it

Other domains in certificate

5xclub.net *.5xclub.net

auxcras.com *.auxcras.com

*.6.computer.in *.araghaminikh.computer.in *.b.computer.in *.cbse.computer.in computer.in *.computer.in *.freedom.computer.in *.gurukul.computer.in *.ici.computer.in *.keep.computer.in *.ns1.computer.in *.permanent.computer.in *.poppy.computer.in *.sscit.computer.in *.visha.computer.in *.zamzam.computer.in

cyclingtour.com.au *.cyclingtour.com.au

flashevents.co.uk *.flashevents.co.uk

*.cpcalendars.glenbraegardens.com.au glenbraegardens.com.au *.glenbraegardens.com.au *.ww16.glenbraegardens.com.au

*.25.hjtnt.com hjtnt.com *.hjtnt.com *.random.hjtnt.com *.ww25.hjtnt.com *.ww38.hjtnt.com *.www.hjtnt.com

love-intim.online *.love-intim.online *.webmail.love-intim.online *.ww25.love-intim.online

ocariripb.com.br *.ocariripb.com.br *.ww38.ocariripb.com.br

pashacasino260.bet *.pashacasino260.bet

policeman.au *.policeman.au *.random.policeman.au

*.mail.psychic-gift.online psychic-gift.online *.psychic-gift.online *.webmail.psychic-gift.online

ptiv.pl *.ptiv.pl

*.c.sorghum.com.au *.random.sorghum.com.au sorghum.com.au *.sorghum.com.au

*.imap2.tenryu-kankou.com *.prod.tenryu-kankou.com tenryu-kankou.com *.tenryu-kankou.com *.ww25.tenryu-kankou.com *.ww38.tenryu-kankou.com

tueidj.net *.tueidj.net

*.hostmaster.webay.de *.staging.webay.de webay.de *.webay.de *.ww1.webay.de *.ww11.webay.de *.ww38.webay.de

widowsintelligence.com *.widowsintelligence.com

xdh.uk *.xdh.uk

xej.uk *.xej.uk

xep.uk *.xep.uk

xeu.uk *.xeu.uk