Open
Cached
·
just now
76/100
SECURITY SCORE
Detected Technologies
Certificate Information
Subject
CN=basement-repair-dongxin-sa.click
Issuer
C=US, O=Let's Encrypt, CN=R12
Valid From
February 04, 2026
Valid Until
May 05, 2026
77 days
Public Key
RSA
4096 bit
Strong
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
C5:16:5A:8D:B8:4C:EB:27:06:62:AA:AE:5D:EB:35:DE:B0:64:B7:B4:CF:BD:89:94:A6:3B:6B:E7:21:B4:E9:7C
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Add Strict-Transport-Security header with max-age of at least 1 year
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
90 domains
downloaddriver.it
*.downloaddriver.it
basement-repair-dongxin-sa.click
*.basement-repair-dongxin-sa.click
bestsleep.it
*.bestsleep.it
bettole.it
*.bettole.it
bluenovacustom.com
*.bluenovacustom.com
bodyon.it
*.bodyon.it
boldcrest.shop
*.boldcrest.shop
bonanza138vip.baby
*.bonanza138vip.baby
bongobytes.com
*.bongobytes.com
borat.it
*.borat.it
braccounting.click
*.braccounting.click
bravobet77.monster
*.bravobet77.monster
cafebre.com
*.cafebre.com
calacabay.com
*.calacabay.com
car-rental-281041659.click
*.car-rental-281041659.click
catcustom.com
*.catcustom.com
cercato.it
*.cercato.it
chocolateaoleitecremosinho.com
*.chocolateaoleitecremosinho.com
consolidate-debt-752295370.click
*.consolidate-debt-752295370.click
consultingengineering.it
*.consultingengineering.it
cooldeal.org
*.cooldeal.org
correggo.it
*.correggo.it
cosmicgossipround.live
*.cosmicgossipround.live
daysoflifee.com
*.daysoflifee.com
digitalcards.co
*.digitalcards.co
distrazione.it
*.distrazione.it
durgarestaurant.com
*.durgarestaurant.com
edcrfv.bid
*.edcrfv.bid
endlessembrace.com
*.endlessembrace.com
enigmatic.it
*.enigmatic.it
equivatexacomsds.com
*.equivatexacomsds.com
expofood.it
*.expofood.it
familyroom.it
*.familyroom.it
froggy.it
*.froggy.it
gamblerpensiun.com
*.gamblerpensiun.com
gewichtheben.com
*.gewichtheben.com
globalgossipflow.live
*.globalgossipflow.live
gol188.com
*.gol188.com
goldenboys.it
*.goldenboys.it
highrise-hotel.com
*.highrise-hotel.com
highroadranchrecords.com
*.highroadranchrecords.com
holoshirts.us
*.holoshirts.us
hometowncherokee.com
*.hometowncherokee.com
hwgnc.net
*.hwgnc.net
i-ecommerce.com
*.i-ecommerce.com
Other domains in certificate