Open
Cached
·
just now
76/100
SECURITY SCORE
Detected Technologies
Certificate Information
Subject
CN=tap2.it
Issuer
C=US, O=Let's Encrypt, CN=R12
Valid From
May 21, 2026
Valid Until
August 19, 2026
54 days
Public Key
RSA
4096 bit
Strong
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
12:C8:11:CC:6A:7E:9E:D4:68:32:4C:1F:AF:E4:1C:9B:B4:D1:7E:CE:A7:E5:BD:23:CD:D3:CA:51:AD:49:79:3A
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Add Strict-Transport-Security header with max-age of at least 1 year
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
87 domains
tap2.it
*.tap2.it
*.admin.tap2.it
*.analytics.tap2.it
*.api.tap2.it
*.board.tap2.it
*.dash.tap2.it
*.research.tap2.it
*.summary.tap2.it
*.superset.tap2.it
catherinetyldesley.co.uk
*.catherinetyldesley.co.uk
*.ww25.catherinetyldesley.co.uk
f-kerry.com
*.f-kerry.com
*.localhost.f-kerry.com
*.sitemap.f-kerry.com
*.sitemaps.f-kerry.com
*.ww1.f-kerry.com
*.ww99.f-kerry.com
*.www.f-kerry.com
*.app.freechip123a.homes
*.dev.freechip123a.homes
freechip123a.homes
*.freechip123a.homes
*.shop.freechip123a.homes
*.www.freechip123a.homes
*.219b9701-b2e1-4cb7-a0cb-2fc6b2c47817.nicesell.com
*.admin.nicesell.com
*.api.nicesell.com
*.app.nicesell.com
*.autoconfig.nicesell.com
*.autodiscover.nicesell.com
*.backend.nicesell.com
*.carddav.nicesell.com
*.chat.nicesell.com
*.coin.nicesell.com
*.cp.nicesell.com
*.cpanel.nicesell.com
*.d2f03fc9-1248-42c9-bab6-08e902a33d50.nicesell.com
*.dev.nicesell.com
*.df41a8e0-fddd-4d59-9d8e-207b1f397a24.nicesell.com
*.eka.nicesell.com
*.facebook.nicesell.com
*.forum.nicesell.com
*.ftp.nicesell.com
*.hmakufacebook.nicesell.com
*.home.nicesell.com
*.huodong.nicesell.com
*.imap.nicesell.com
*.intranet.nicesell.com
*.laravel.nicesell.com
*.localhost.nicesell.com
*.m.nicesell.com
*.mail2.nicesell.com
*.media.nicesell.com
*.mobile.nicesell.com
*.mx2.nicesell.com
*.myapps2.nicesell.com
*.news.nicesell.com
nicesell.com
*.nicesell.com
*.ns.nicesell.com
*.old.nicesell.com
*.owa.nicesell.com
*.pop3.nicesell.com
*.remote.nicesell.com
*.shop.nicesell.com
*.sign.nicesell.com
*.smtp.nicesell.com
*.static.nicesell.com
*.test.nicesell.com
*.voronezh.nicesell.com
*.vpn.nicesell.com
*.wap.nicesell.com
*.web.nicesell.com
*.webdisk.nicesell.com
*.webmail.nicesell.com
*.weka.nicesell.com
*.whm.nicesell.com
*.wlaqtautodiscover.nicesell.com
*.wnjwghmakufacebook.nicesell.com
*.www.nicesell.com
*.www2.nicesell.com
*.xnhnzmail2.nicesell.com
*.xwocewnjwghmakufacebook.nicesell.com
*.ynooymx2.nicesell.com
Other domains in certificate