Open
Cached
·
just now
76/100
SECURITY SCORE
Detected Technologies
Certificate Information
Subject
CN=magistvgratis.org
Issuer
C=US, O=Let's Encrypt, CN=R13
Valid From
May 13, 2026
Valid Until
August 11, 2026
77 days
Public Key
RSA
4096 bit
Strong
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
A2:31:83:87:4F:CD:4B:64:4B:98:57:73:B7:03:D5:3A:A7:F6:41:13:F1:E8:32:76:59:28:3C:D2:04:A3:F8:BE
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Add Strict-Transport-Security header with max-age of at least 1 year
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
90 domains
iciodaverona.com
*.iciodaverona.com
*.s79ghi.iciodaverona.com
a229yjj.top
*.a229yjj.top
*.xrqcg.a229yjj.top
beesforlife.org
*.beesforlife.org
*.www.beesforlife.org
cestitkecitati.com
*.cestitkecitati.com
*.cpcalendars.cestitkecitati.com
*.www.cestitkecitati.com
*.assets.hajusile.com
hajusile.com
*.hajusile.com
*.members.hajusile.com
hotoffice.it
*.hotoffice.it
*.metric.hotoffice.it
*.staging.hotoffice.it
*.admin.kn88.co
*.api.kn88.co
*.app.kn88.co
*.assets.kn88.co
*.b87895b2-1c61-4f05-8d49-4bbcd98d98c2.kn88.co
*.demo.kn88.co
*.dev.kn88.co
*.dhlfkapp.kn88.co
*.e311adb9-4c6e-4b21-b2e5-8cddf6bf5aa8.kn88.co
*.hmhitadmin.kn88.co
kn88.co
*.kn88.co
*.test.kn88.co
*.testing.kn88.co
magistvgratis.org
*.magistvgratis.org
*.www.magistvgratis.org
*.ci.mooseonthelooseny.com
*.crm.mooseonthelooseny.com
*.dashboard.mooseonthelooseny.com
*.lime.mooseonthelooseny.com
mooseonthelooseny.com
*.mooseonthelooseny.com
*.prod.mooseonthelooseny.com
*.qa.mooseonthelooseny.com
*.random.mooseonthelooseny.com
*.sitemaps.mooseonthelooseny.com
*.staging.mooseonthelooseny.com
*.ww25.mooseonthelooseny.com
*.ww38.mooseonthelooseny.com
*.gr92mrh.play-hot-adult.life
play-hot-adult.life
*.play-hot-adult.life
*.development.promomoda.it
*.h.promomoda.it
*.hostmaster.promomoda.it
*.mail.promomoda.it
*.metric.promomoda.it
*.mx.promomoda.it
promomoda.it
*.promomoda.it
*.q.promomoda.it
*.remote.promomoda.it
*.reporting.promomoda.it
*.s.promomoda.it
*.ukzgjq.promomoda.it
*.v.promomoda.it
*.www.promomoda.it
*.cn.startupdotcom-themovie.com
*.de.startupdotcom-themovie.com
*.et.startupdotcom-themovie.com
*.gu.startupdotcom-themovie.com
*.hr.startupdotcom-themovie.com
*.ja.startupdotcom-themovie.com
*.kn.startupdotcom-themovie.com
startupdotcom-themovie.com
*.startupdotcom-themovie.com
*.th.startupdotcom-themovie.com
*.tw.startupdotcom-themovie.com
*.uk.startupdotcom-themovie.com
*.vi.startupdotcom-themovie.com
*.0755.szboy.top
*.m.szboy.top
*.pipeline.szboy.top
*.s.szboy.top
szboy.top
*.szboy.top
*.t.szboy.top
*.ww25.szboy.top
Other domains in certificate