Open
Cached
·
just now
76/100
SECURITY SCORE
Detected Technologies
Certificate Information
Subject
CN=venticello.it
Issuer
C=US, O=Let's Encrypt, CN=YR2
Valid From
May 30, 2026
Valid Until
August 28, 2026
82 days
Public Key
RSA
4096 bit
Strong
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
58:35:A1:10:DA:B2:96:F6:78:EF:3B:DE:BA:57:0D:17:0A:8C:C2:B7:0E:60:C3:6B:92:F4:29:6C:41:4B:24:CB
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Add Strict-Transport-Security header with max-age of at least 1 year
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
90 domains
tacticax.com
*.tacticax.com
28740.co
*.28740.co
442c1870be432c66.com
*.442c1870be432c66.com
456a00aa70c7897e.com
*.456a00aa70c7897e.com
47cd2a154c312319.com
*.47cd2a154c312319.com
727231.com
*.727231.com
77296.loan
*.77296.loan
96058.vip
*.96058.vip
brightconnectnetwork.xyz
*.brightconnectnetwork.xyz
celebratingselfcare.com
*.celebratingselfcare.com
cherish.digital
*.cherish.digital
chesapeakebaylion.com
*.chesapeakebaylion.com
chronowatchspa.com
*.chronowatchspa.com
chu155q.top
*.chu155q.top
citymappingpros.com
*.citymappingpros.com
comiuiu.vip
*.comiuiu.vip
cyberhub361.top
*.cyberhub361.top
extraversive.com
*.extraversive.com
fkh776x.top
*.fkh776x.top
fllyivmgkjd8lqh.my
*.fllyivmgkjd8lqh.my
fusij.loan
*.fusij.loan
fymzym.loan
*.fymzym.loan
getsoluciones.com
*.getsoluciones.com
h18513.cc
*.h18513.cc
hegtudatos.com
*.hegtudatos.com
js010.my
*.js010.my
matdoor.info
*.matdoor.info
mru7gm.cc
*.mru7gm.cc
murrayselitewaves.com
*.murrayselitewaves.com
mzbdg.gdn
*.mzbdg.gdn
nexpast.com
*.nexpast.com
nf-edu.cn
*.nf-edu.cn
omnieaccountinglabs.com
*.omnieaccountinglabs.com
pleaserproductions.com
*.pleaserproductions.com
qtfgsdnndsvfdv23899a52fd.top
*.qtfgsdnndsvfdv23899a52fd.top
reofunding.net
*.reofunding.net
search-online-quiz-usa.sbs
*.search-online-quiz-usa.sbs
shield.house
*.shield.house
valuevoyagepartners.live
*.valuevoyagepartners.live
*.admin.venticello.it
*.app.venticello.it
*.backend.venticello.it
*.hostmaster.venticello.it
venticello.it
*.venticello.it
veritablefitness.club
*.veritablefitness.club
wwwyw3129.com
*.wwwyw3129.com
wwwyw3177.com
*.wwwyw3177.com
Other domains in certificate