Open
Cached
·
just now
76/100
SECURITY SCORE
Detected Technologies
Certificate Information
Subject
CN=passionmeat.it
Issuer
C=US, O=Let's Encrypt, CN=R13
Valid From
February 24, 2026
Valid Until
May 25, 2026
89 days
Public Key
RSA
4096 bit
Strong
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
1A:4F:1D:94:5D:D3:DA:F9:01:1E:19:F5:09:01:48:22:8E:70:38:DD:71:80:AC:2D:B3:4C:91:D9:46:43:5C:57
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Add Strict-Transport-Security header with max-age of at least 1 year
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
89 domains
espazio.com
*.espazio.com
amora-maille.com
*.amora-maille.com
*.mx.amora-maille.com
*.ww25.amora-maille.com
*.admin.creation8.com
*.beta.creation8.com
*.ca.creation8.com
*.careers.creation8.com
creation8.com
*.creation8.com
*.cs.creation8.com
*.fb.creation8.com
*.g.creation8.com
*.loja.creation8.com
*.mm.creation8.com
*.net.creation8.com
*.origin.creation8.com
*.ww17.creation8.com
*.ce7ea961-38bc-4597-bad7-946efae0cf40.guestprice.com
guestprice.com
*.guestprice.com
*.mailgw.guestprice.com
insidestraightdraw.com
*.insidestraightdraw.com
*.remote.insidestraightdraw.com
*.1re.kmjj.com
*.cloud.kmjj.com
kmjj.com
*.kmjj.com
*.onbus.kmjj.com
*.random.kmjj.com
*.ww45.kmjj.com
leafsivory.com
*.leafsivory.com
*.webmail.leafsivory.com
lightweightdesign.com
*.lightweightdesign.com
*.ww16.lightweightdesign.com
parmesanreibe.de
*.parmesanreibe.de
*.demo.passionmeat.it
*.dev.passionmeat.it
passionmeat.it
*.passionmeat.it
readingbible.com
*.readingbible.com
*.ww25.readingbible.com
*.bamtoki2.wfwf.cc
*.comxn--2i0bs2gg0emoi9mjj90a.wfwf.cc
*.dmb.wfwf.cc
*.en.wfwf.cc
*.happytoon.wfwf.cc
*.hdhd.wfwf.cc
*.joatoon.wfwf.cc
*.linkdott.wfwf.cc
*.manaboza.wfwf.cc
*.modutoon.wfwf.cc
*.newtoki.wfwf.cc
*.skytoon.wfwf.cc
*.tkor.wfwf.cc
*.toonkor.wfwf.cc
*.tvwikixyz.wfwf.cc
wfwf.cc
*.wfwf.cc
*.wtbox.wfwf.cc
*.wtoon.wfwf.cc
*.xn--2h7b95c.wfwf.cc
*.xn--2i0b34qcqltplbkb.wfwf.cc
*.xn--950bo4em5vj7j.wfwf.cc
*.xn--9l4b19kg3i.wfwf.cc
*.xn--9w3b910b.wfwf.cc
*.xn--9y2bn8b1q863d.wfwf.cc
*.xn--bh3b03j9zdeuo.wfwf.cc
*.xn--h10b90b998c.wfwf.cc
*.xn--h10bx0wsvp.wfwf.cc
*.xn--hu1b88ll0ffvo7li.wfwf.cc
*.xn--pr3b719a.wfwf.cc
*.xn--py2b816b94b.wfwf.cc
*.xn--t60bm9r2tq.wfwf.cc
*.xn--v52b35cm0j.wfwf.cc
*.xnod1b1rr7nh1e8xni3k.wfwf.cc
*.xnod1ba225g1yu.wfwf.cc
*.track.zeroriskgrowthemail.com
zeroriskgrowthemail.com
*.zeroriskgrowthemail.com
zodgane.xyz
*.zodgane.xyz
Other domains in certificate