Open
Cached
·
just now
76/100
SECURITY SCORE
Detected Technologies
Certificate Information
Subject
CN=prometto.it
Issuer
C=US, O=Let's Encrypt, CN=R13
Valid From
May 14, 2026
Valid Until
August 12, 2026
83 days
Public Key
RSA
4096 bit
Strong
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
72:50:57:42:AC:47:FD:29:46:71:54:C6:F3:3E:0D:77:30:A8:5E:37:75:9F:93:63:E7:88:99:8D:7E:96:D4:48
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Add Strict-Transport-Security header with max-age of at least 1 year
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
89 domains
vk9i.com
*.vk9i.com
*.lt.vk9i.com
apikeckabpati.org
*.apikeckabpati.org
*.mhibb2.apikeckabpati.org
arezzolightinganddesign.com
*.arezzolightinganddesign.com
*.ww25.arezzolightinganddesign.com
*.ww38.arezzolightinganddesign.com
asdir.com
*.asdir.com
*.hostmaster.asdir.com
clickbuzz.site
*.clickbuzz.site
*.saltt.clickbuzz.site
*.ww16.clickbuzz.site
*.32.fort7.studio
fort7.studio
*.fort7.studio
genciamabeco.site
*.genciamabeco.site
*.ww38.genciamabeco.site
healtychildren.org
*.healtychildren.org
*.ww25.healtychildren.org
*.ww38.healtychildren.org
*.www.healtychildren.org
*.home.mijngezonheid.net
mijngezonheid.net
*.mijngezonheid.net
*.ww25.mijngezonheid.net
*.admin.monellina.it
*.alpha.monellina.it
*.analytic.monellina.it
*.api.monellina.it
*.hostmaster.monellina.it
*.insights.monellina.it
*.mail.monellina.it
*.metrics.monellina.it
monellina.it
*.monellina.it
*.mx.monellina.it
*.owa.monellina.it
*.prod.monellina.it
*.remote.monellina.it
*.smtp.monellina.it
*.ssl.monellina.it
*.staging.monellina.it
*.webmail.monellina.it
*.www.monellina.it
newyorklasersurgery.com
*.newyorklasersurgery.com
*.pay.newyorklasersurgery.com
*.dev.poppay.lat
poppay.lat
*.poppay.lat
*.test.poppay.lat
*.admin.prometto.it
*.backend.prometto.it
*.dashboards.prometto.it
prometto.it
*.prometto.it
*.reports.prometto.it
rickimportados.com.br
*.rickimportados.com.br
*.ww17.rickimportados.com.br
sun-day.co
*.sun-day.co
*.ww17.sun-day.co
*.ww25.sun-day.co
*.acc8ee0e-7f73-4c70-a75a-93d228637abe.swordwars.com
swordwars.com
*.swordwars.com
*.sitemaps.takipciabi.click
takipciabi.click
*.takipciabi.click
*.ww38.takipciabi.click
ufret.us
*.ufret.us
*.ww38.ufret.us
*.notexistszimbra.urinary.it
*.staging.urinary.it
urinary.it
*.urinary.it
*.www.urinary.it
*.test.yes77.cc
yes77.cc
*.yes77.cc
Other domains in certificate