SSL Certificate Analysis for domios.com - Security Grade & TLS Configuration

Detected Technologies

See all in URL Inspect 1

Let's Encrypt

Certificate Information

Subject

CN=faba.it

Issuer

C=US, O=Let's Encrypt, CN=R13

Valid From

February 14, 2026

Valid Until

May 15, 2026 88 days

Public Key

RSA 4096 bit Strong

Signature Algorithm

SHA256-RSA

SHA-256 Fingerprint

3E:5F:D0:EB:2F:90:3F:37:9A:8F:48:A7:4E:86:73:C4:8C:85:64:3D:41:CA:8A:E0:10:81:46:FC:2D:76:B6:96

Alternative Names

90 domains

Security Configuration

TLS Protocols

TLS 1.2 TLS 1.3

Forward Secrecy

Supported (Modern clients use PFS)

HTTP Security Headers

Status

Strict-Transport-Security

Missing

Not configured

Content-Security-Policy

Missing

Not configured

X-Frame-Options

Missing

Not configured

X-Content-Type-Options

Missing

Not configured

Referrer-Policy

Missing

Not configured

Permissions-Policy

Missing

Not configured

Recommendations

• Add Strict-Transport-Security header with max-age of at least 1 year
• Add Content-Security-Policy header to prevent XSS attacks
• Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
• Add X-Content-Type-Options: nosniff
• Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
• Consider adding Permissions-Policy to control browser features

CAA Records (Certificate Authority Authorization)

CAA Records

Not Configured (Any CA can issue certificates)

CAA Issues

• No CAA records configured - any CA can issue certificates

Recommendations

• Implement CAA records to restrict which CAs can issue certificates for your domain
• This adds an extra layer of security against unauthorized certificate issuance
• Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
• Consider adding 'iodef' record to receive security incident reports

Subject Alternative Names

90 domains

domios.com *.domios.com

Other domains in certificate

4dai.co *.4dai.co *.gitlab.4dai.co *.imap.4dai.co *.phpmyadmin.4dai.co

*.a577891e-dd52-4631-8edb-d52d02accc32.baobeisnake.com *.app.baobeisnake.com *.backup.baobeisnake.com baobeisnake.com *.baobeisnake.com *.kzxovzezdfww6.baobeisnake.com *.mail.baobeisnake.com *.pixel.baobeisnake.com *.remote.baobeisnake.com *.staging.baobeisnake.com *.stg.baobeisnake.com *.ww6.baobeisnake.com

buruwan.com *.buruwan.com *.members.buruwan.com *.staging.buruwan.com

*.ai.buyingwords.com *.board.buyingwords.com buyingwords.com *.buyingwords.com *.dash.buyingwords.com *.demo.buyingwords.com *.dev.buyingwords.com *.development.buyingwords.com *.hotfix.buyingwords.com *.insights.buyingwords.com *.poc.buyingwords.com *.preprod.buyingwords.com *.preview.buyingwords.com *.prod.buyingwords.com *.report.buyingwords.com *.reporting.buyingwords.com *.service.buyingwords.com *.viz.buyingwords.com *.ww38.buyingwords.com

*.2024.degreesonline.it degreesonline.it *.degreesonline.it

*.crm.eradio24.com eradio24.com *.eradio24.com *.mail.eradio24.com

faba.it *.faba.it *.notexistsapp.faba.it

*.blog.guestblog.net guestblog.net *.guestblog.net *.whm.guestblog.net

*.hostmaster.italyfashionchannel.it italyfashionchannel.it *.italyfashionchannel.it

jonasrodrigues.com *.jonasrodrigues.com *.phpmyadmin.jonasrodrigues.com *.virtualaccess3.jonasrodrigues.com

*.ftp.pdstudios.com pdstudios.com *.pdstudios.com *.remote.pdstudios.com *.vpn.pdstudios.com *.www.pdstudios.com

pletenazica.com *.pletenazica.com *.wiki.pletenazica.com *.ww38.pletenazica.com

*.admin.prorack.it prorack.it *.prorack.it

spgd.it *.spgd.it *.supersets.spgd.it *.webmail.spgd.it

*.43.telextv.com *.dashboard.telextv.com *.hostmaster.telextv.com *.mail.telextv.com telextv.com *.telextv.com *.ww38.telextv.com

*.ftp.world-news.io world-news.io *.world-news.io