Open
Cached
·
just now
76/100
SECURITY SCORE
Detected Technologies
Certificate Information
Subject
CN=blackeye.it
Issuer
C=US, O=Let's Encrypt, CN=R12
Valid From
May 21, 2026
Valid Until
August 19, 2026
65 days
Public Key
RSA
4096 bit
Strong
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
82:76:39:93:D3:18:E3:D3:CC:10:2E:8A:0E:8A:05:4C:B3:C3:78:EF:D6:21:83:7C:24:82:42:C5:47:99:77:AC
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Add Strict-Transport-Security header with max-age of at least 1 year
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
89 domains
blackeye.it
*.blackeye.it
autokredit-anbieter.de
*.autokredit-anbieter.de
breedermatch.net
*.breedermatch.net
*.cloud.breedermatch.net
*.webmail.breedermatch.net
cartolineaugurali.it
*.cartolineaugurali.it
cinemix.studio
*.cinemix.studio
gfxpeers.com
*.gfxpeers.com
*.preprod.gfxpeers.com
*.ww1.gfxpeers.com
*.ww16.gfxpeers.com
iheartstitching.com
*.iheartstitching.com
*.ww25.iheartstitching.com
*.comune.labodega.org
labodega.org
*.labodega.org
*.anyconnect.meng1.com
*.apps.meng1.com
*.client.meng1.com
*.gateway.meng1.com
*.help.meng1.com
*.hmobnbeta.meng1.com
*.login.meng1.com
*.m.meng1.com
meng1.com
*.meng1.com
*.office.meng1.com
*.portal.meng1.com
*.rds.meng1.com
*.rdweb.meng1.com
*.remote.meng1.com
*.remoteaccess.meng1.com
*.secureaccess.meng1.com
*.ssl.meng1.com
*.vpn.meng1.com
*.vpn1.meng1.com
*.vpn2.meng1.com
*.web.meng1.com
*.webvpn.meng1.com
*.www.meng1.com
multiquoteinsurance.com.au
*.multiquoteinsurance.com.au
nashiknews.in
*.nashiknews.in
*.ww25.nashiknews.in
*.ww38.nashiknews.in
*.3bd3d51111d5.newstarinvest.com
*.blog.newstarinvest.com
*.cd.newstarinvest.com
*.m.newstarinvest.com
newstarinvest.com
*.newstarinvest.com
*.wp.newstarinvest.com
*.hieuvoi.nhu.au
nhu.au
*.nhu.au
*.ww25.nhu.au
priusshota.com
*.priusshota.com
*.ww16.priusshota.com
*.ww25.priusshota.com
redit.education
*.redit.education
*.community.righteousness.eu
righteousness.eu
*.righteousness.eu
*.random.somersetbay.com.my
somersetbay.com.my
*.somersetbay.com.my
*.ns0.spacesaver.com.au
spacesaver.com.au
*.spacesaver.com.au
trafficlab.com.au
*.trafficlab.com.au
*.wildcard.trafficlab.com.au
treedynasty.com
*.treedynasty.com
valuate.au
*.valuate.au
*.random.warnkefarm.com
warnkefarm.com
*.warnkefarm.com
Other domains in certificate