SSL Certificate Analysis for dev.nomorecash.it - Security Grade & TLS Configuration

Open Cached · just now

76/100 SECURITY SCORE

Certificate Information

Subject

CN=naufragati.it

Issuer

C=US, O=Let's Encrypt, CN=R13

Valid From

February 04, 2026

Valid Until

May 05, 2026 83 days

Public Key

RSA 4096 bit Strong

Signature Algorithm

SHA256-RSA

SHA-256 Fingerprint

2F:93:2F:5E:4F:67:0D:64:76:B1:3A:23:A1:D3:50:4B:DE:0A:5D:51:97:AD:B1:A6:89:7C:BC:1B:E6:83:95:18

Alternative Names

89 domains

Security Configuration

TLS Protocols

TLS 1.2 TLS 1.3

Forward Secrecy

Supported (Modern clients use PFS)

HTTP Security Headers

Status

Strict-Transport-Security

Missing

Not configured

Content-Security-Policy

Missing

Not configured

X-Frame-Options

Missing

Not configured

X-Content-Type-Options

Missing

Not configured

Referrer-Policy

Missing

Not configured

Permissions-Policy

Missing

Not configured

Recommendations

• Add Strict-Transport-Security header with max-age of at least 1 year
• Add Content-Security-Policy header to prevent XSS attacks
• Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
• Add X-Content-Type-Options: nosniff
• Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
• Consider adding Permissions-Policy to control browser features

CAA Records (Certificate Authority Authorization)

CAA Records

Not Configured (Any CA can issue certificates)

CAA Issues

• No CAA records configured - any CA can issue certificates

Recommendations

• Implement CAA records to restrict which CAs can issue certificates for your domain
• This adds an extra layer of security against unauthorized certificate issuance
• Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
• Consider adding 'iodef' record to receive security incident reports

Subject Alternative Names

89 domains

nomorecash.it *.nomorecash.it

Other domains in certificate

*.bi.naufragati.it naufragati.it *.naufragati.it

naury.it *.naury.it

nepalione.com *.nepalione.com

netcontent.it *.netcontent.it

newhopecounselingservices.com *.newhopecounselingservices.com

nexacore.co *.nexacore.co

niosdarealsync.cyou *.niosdarealsync.cyou

nnnn11.cc *.nnnn11.cc

noemy.it *.noemy.it

notdisturb.it *.notdisturb.it

notificare.it *.notificare.it

nuovoousato.it *.nuovoousato.it

nurse-aus1.click *.nurse-aus1.click

ogtqhmyk.xyz *.ogtqhmyk.xyz

okeraja33.quest *.okeraja33.quest

ombrine.it *.ombrine.it

omnwb.com *.omnwb.com

onar.it *.onar.it

onwinegirin.com *.onwinegirin.com

orac.it *.orac.it

orangesignaturemove.info *.orangesignaturemove.info

outbun-agency.xyz *.outbun-agency.xyz

parkinsonstreatment272783.icu *.parkinsonstreatment272783.icu

pcalswxa.com *.pcalswxa.com

peakfitnesslifestyle.run *.peakfitnesslifestyle.run

peregrinus.it *.peregrinus.it

pervertito.it *.pervertito.it

pggamers.com *.pggamers.com

phanphoichungcuhanoimoi.xyz *.phanphoichungcuhanoimoi.xyz

phdnae.xyz *.phdnae.xyz

phonecompany.it *.phonecompany.it

pixbet.love *.pixbet.love

play-arc-gorge.xyz *.play-arc-gorge.xyz

play-flame-territory.xyz *.play-flame-territory.xyz

play-game-expedition.xyz *.play-game-expedition.xyz

play-nova-summit.xyz *.play-nova-summit.xyz

play-storm-ascend.xyz *.play-storm-ascend.xyz

play-vivid-crypt.xyz *.play-vivid-crypt.xyz

playtraveltown.com *.playtraveltown.com

pnt.it *.pnt.it

pokerai.xyz *.pokerai.xyz

pokerin.it *.pokerin.it

politia.it *.politia.it