SSL Certificate Analysis for web.1wine.run - Security Grade & TLS Configuration

Open Cached · just now

76/100 SECURITY SCORE

Detected Technologies

See all in URL Inspect 1

Let's Encrypt Active incidents

Certificate Information

Subject

CN=pavino.it

Issuer

C=US, O=Let's Encrypt, CN=YR1

Valid From

May 28, 2026

Valid Until

August 26, 2026 69 days

Public Key

RSA 4096 bit Strong

Signature Algorithm

SHA256-RSA

SHA-256 Fingerprint

D5:64:FE:07:73:7E:7A:9E:EE:80:E5:E1:BC:5A:87:B4:56:C6:A2:71:12:88:4A:82:E8:09:46:CF:4D:2F:83:87

Alternative Names

90 domains

Security Configuration

TLS Protocols

TLS 1.2 TLS 1.3

Forward Secrecy

Supported (Modern clients use PFS)

HTTP Security Headers

Status

Strict-Transport-Security

Missing

Not configured

Content-Security-Policy

Missing

Not configured Analyze

Content-Security-Policy-Report-Only

Missing

Not configured Analyze

X-Frame-Options

Missing

Not configured

X-Content-Type-Options

Missing

Not configured

Referrer-Policy

Missing

Not configured

Permissions-Policy

Missing

Not configured

Recommendations

• Add Strict-Transport-Security header with max-age of at least 1 year
• Add Content-Security-Policy header to prevent XSS attacks
• Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
• Add X-Content-Type-Options: nosniff
• Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
• Consider adding Permissions-Policy to control browser features

CAA Records (Certificate Authority Authorization)

CAA Records

Not Configured (Any CA can issue certificates)

CAA Issues

• No CAA records configured - any CA can issue certificates

Recommendations

• Implement CAA records to restrict which CAs can issue certificates for your domain
• This adds an extra layer of security against unauthorized certificate issuance
• Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
• Consider adding 'iodef' record to receive security incident reports

Subject Alternative Names

90 domains

1wine.run *.1wine.run *.admin.1wine.run *.app.1wine.run *.demo.1wine.run *.mail.1wine.run *.marketing.1wine.run *.secure.1wine.run *.shop.1wine.run *.stg.1wine.run *.web.1wine.run

Other domains in certificate

7xo.asia *.7xo.asia *.dsfopiro.7xo.asia

*.8a4ba925-3a8e-4449-818a-cf87c10faf30.auntdory.info *.api.auntdory.info auntdory.info *.auntdory.info *.backup.auntdory.info *.fekpga.auntdory.info *.rustore.auntdory.info *.staging.auntdory.info *.uat.auntdory.info *.www.auntdory.info

*.casino.casinoboost.top casinoboost.top *.casinoboost.top *.www.casinoboost.top

connectresident.co *.connectresident.co *.fsrauthserv.connectresident.co

*.admin.guarani.it *.app.guarani.it *.demo.guarani.it guarani.it *.guarani.it *.hostmaster.guarani.it *.mail-av.guarani.it *.mail.guarani.it *.notexistsmail-av.guarani.it *.staging.guarani.it

hddot.com *.hddot.com *.hostmaster.hddot.com *.random.hddot.com

koopknwkouv.com *.koopknwkouv.com *.ww38.koopknwkouv.com

*.email.pavino.it *.gp.pavino.it *.online.pavino.it pavino.it *.pavino.it *.pop.pavino.it *.rd.pavino.it *.rdweb.pavino.it *.xd.pavino.it

*.com.pkluckgame.online *.ftp.pkluckgame.online *.log.pkluckgame.online *.mail.pkluckgame.online *.main.pkluckgame.online *.mx.pkluckgame.online *.online.pkluckgame.online pkluckgame.online *.pkluckgame.online *.prod.pkluckgame.online *.smtp.pkluckgame.online *.test.pkluckgame.online

positive-connections.com *.positive-connections.com *.relationshipgoals.positive-connections.com

*.random.remotecamera.com.au remotecamera.com.au *.remotecamera.com.au

*.random.sellyourbike.com.au sellyourbike.com.au *.sellyourbike.com.au *.wildcard.sellyourbike.com.au *.ww38.sellyourbike.com.au *.www.sellyourbike.com.au

soundtomind.com *.soundtomind.com

*.blog.tinymoviez.co *.prod.tinymoviez.co *.sdhillsidegardenspvsky.tinymoviez.co tinymoviez.co *.tinymoviez.co *.ww25.tinymoviez.co *.ww38.tinymoviez.co