Open
Cached
·
just now
76/100
SECURITY SCORE
Detected Technologies
Certificate Information
Subject
CN=bestofyou.it
Issuer
C=US, O=Let's Encrypt, CN=R12
Valid From
March 18, 2026
Valid Until
June 16, 2026
37 days
Public Key
RSA
4096 bit
Strong
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
B5:8A:5E:58:61:94:64:4E:B2:4D:52:CF:19:46:B1:93:1D:6C:BE:3B:52:E7:EC:2B:99:2C:4F:91:2B:81:31:91
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Add Strict-Transport-Security header with max-age of at least 1 year
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
90 domains
informationsecurity.it
*.informationsecurity.it
*.4.informationsecurity.it
*.hostmaster.informationsecurity.it
agiables.com
*.agiables.com
*.backend.agiables.com
*.beta-ci.agiables.com
*.ci-integration.agiables.com
*.ci-jenkins.agiables.com
*.ci.agiables.com
*.demo.agiables.com
*.dev.agiables.com
*.jenkins.agiables.com
*.pipeline-demo.agiables.com
*.pipeline-preview.agiables.com
*.preview.agiables.com
*.sitemap.agiables.com
*.sitemaps.agiables.com
*.staging.agiables.com
bestofyou.it
*.bestofyou.it
*.checkout.bestofyou.it
*.remote.bestofyou.it
creativeyouth.net
*.creativeyouth.net
*.m.creativeyouth.net
*.random.creativeyouth.net
defiagent.us
*.defiagent.us
*.3bf26b7c-7c95-4240-bb91-fb59b569b738.erica.best
*.8dc33869-a5a5-486d-9263-3472c00f534f.erica.best
*.a.erica.best
*.admin.erica.best
*.agruam.erica.best
*.api.erica.best
*.app.erica.best
*.assets.erica.best
*.backup.erica.best
*.bancopro.erica.best
*.dan.erica.best
*.demo.erica.best
*.dev.erica.best
erica.best
*.erica.best
*.hostmaster.erica.best
*.m.erica.best
*.meda.erica.best
*.mx.erica.best
*.pbrcvdan.erica.best
*.premiera.erica.best
*.staging.erica.best
*.test.erica.best
horseandhoundgastropub.com
*.horseandhoundgastropub.com
*.sword-and-sorcery.horseandhoundgastropub.com
*.mbb.minternet.net
minternet.net
*.minternet.net
*.users.minternet.net
*.196c76ba-b5bc-4098-9188-7e8d7f067cda.phanerosart.com
*.26b03a69-5af5-4657-83c4-54cc80ff1635.phanerosart.com
*.2e8c9518-c1bc-4d39-b212-c77ec6e3440c.phanerosart.com
*.6a388e19-08c9-40d5-b88e-0cec431375ca.phanerosart.com
*.accounts.phanerosart.com
*.apps.phanerosart.com
*.backup.phanerosart.com
*.cmnjzagr.phanerosart.com
*.dashboard.phanerosart.com
*.insight.phanerosart.com
*.intelligence.phanerosart.com
*.m.phanerosart.com
*.member.phanerosart.com
*.mobile.phanerosart.com
*.mta-sts.phanerosart.com
*.new.phanerosart.com
phanerosart.com
*.phanerosart.com
*.pixels.phanerosart.com
*.qa.phanerosart.com
*.rdweb.phanerosart.com
*.rustore.phanerosart.com
*.staging.phanerosart.com
*.whyglkdp.phanerosart.com
*.my.sbssg.online
sbssg.online
*.sbssg.online
*.ww25.sbssg.online
xn--blutkrperchen-mmb.de
*.xn--blutkrperchen-mmb.de
Other domains in certificate