SSL Certificate Analysis for visual.strateg.it - Security Grade & TLS Configuration

Open Cached · just now

76/100 SECURITY SCORE

Detected Technologies

See all in URL Inspect 1

Let's Encrypt Active incidents

Certificate Information

Subject

CN=liquidart.com.au

Issuer

C=US, O=Let's Encrypt, CN=R12

Valid From

May 20, 2026

Valid Until

August 18, 2026 55 days

Public Key

RSA 4096 bit Strong

Signature Algorithm

SHA256-RSA

SHA-256 Fingerprint

D3:E4:BD:76:B9:63:9D:00:4F:0A:0F:A3:DC:F4:4D:73:FB:6A:EA:3A:3B:77:24:A0:0F:AE:4A:C7:C7:9A:4D:A2

Alternative Names

89 domains

Security Configuration

TLS Protocols

TLS 1.2 TLS 1.3

Forward Secrecy

Supported (Modern clients use PFS)

HTTP Security Headers

Status

Strict-Transport-Security

Missing

Not configured

Content-Security-Policy

Missing

Not configured Analyze

Content-Security-Policy-Report-Only

Missing

Not configured Analyze

X-Frame-Options

Missing

Not configured

X-Content-Type-Options

Missing

Not configured

Referrer-Policy

Missing

Not configured

Permissions-Policy

Missing

Not configured

Recommendations

• Add Strict-Transport-Security header with max-age of at least 1 year
• Add Content-Security-Policy header to prevent XSS attacks
• Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
• Add X-Content-Type-Options: nosniff
• Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
• Consider adding Permissions-Policy to control browser features

CAA Records (Certificate Authority Authorization)

CAA Records

Not Configured (Any CA can issue certificates)

CAA Issues

• No CAA records configured - any CA can issue certificates

Recommendations

• Implement CAA records to restrict which CAs can issue certificates for your domain
• This adds an extra layer of security against unauthorized certificate issuance
• Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
• Consider adding 'iodef' record to receive security incident reports

Subject Alternative Names

89 domains

strateg.it *.strateg.it *.aniqmail.strateg.it *.backend.strateg.it *.bi.strateg.it *.cloud.strateg.it *.correo.strateg.it *.correu.strateg.it *.dev.strateg.it *.eposta.strateg.it *.ex02.strateg.it *.exchange.strateg.it *.hostmaster.strateg.it *.imap.strateg.it *.mail.strateg.it *.mail1.strateg.it *.metric.strateg.it *.msexch2k13.strateg.it *.mx001.strateg.it *.mymail.strateg.it *.outlook.strateg.it *.owa.strateg.it *.rd.strateg.it *.rds.strateg.it *.rdweb.strateg.it *.reports.strateg.it *.smtpa.strateg.it *.staging.strateg.it *.stats.strateg.it *.superset.strateg.it *.visual.strateg.it

Other domains in certificate

atuzvt.games *.atuzvt.games *.www.atuzvt.games

*.admin.gorrieri.it *.bi.gorrieri.it *.cloud.gorrieri.it *.dashboard.gorrieri.it *.exchange.gorrieri.it gorrieri.it *.gorrieri.it *.imap.gorrieri.it *.mailgw.gorrieri.it *.mx.gorrieri.it *.mymail.gorrieri.it *.rds.gorrieri.it *.remote.gorrieri.it

*.ieyeplay.liquidart.com.au liquidart.com.au *.liquidart.com.au *.wildcard.liquidart.com.au *.ww25.liquidart.com.au

*.img1-fg.mdque.com mdque.com *.mdque.com

*.explomi.nervo.com *.hostmaster.nervo.com *.img1-fg.nervo.com *.mail.nervo.com *.mail2.nervo.com nervo.com *.nervo.com *.ww42.nervo.com *.www.nervo.com

*.admin.psiinfo.com psiinfo.com *.psiinfo.com *.www.psiinfo.com

*.api.spawned.it *.app.spawned.it *.dev.spawned.it *.metrics.spawned.it spawned.it *.spawned.it

*.ww25.x20.au *.ww38.x20.au x20.au *.x20.au

*.271ff194-1d2e-481a-b018-54e6ad0d41c4.yourresultssolutions.co *.files.yourresultssolutions.co *.mails.yourresultssolutions.co *.mta-sts.yourresultssolutions.co *.mta.yourresultssolutions.co *.mx2.yourresultssolutions.co *.news.yourresultssolutions.co *.ns.yourresultssolutions.co *.ww16.yourresultssolutions.co yourresultssolutions.co *.yourresultssolutions.co