Open
Cached
·
just now
76/100
SECURITY SCORE
Detected Technologies
Certificate Information
Subject
CN=freeclassifieds.it
Issuer
C=US, O=Let's Encrypt, CN=R12
Valid From
May 24, 2026
Valid Until
August 22, 2026
56 days
Public Key
RSA
4096 bit
Strong
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
AA:28:6A:FC:B1:84:FC:BF:16:66:11:FF:9E:54:98:E0:9C:27:B1:00:AA:F0:70:83:75:ED:F4:63:57:06:2B:06
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Add Strict-Transport-Security header with max-age of at least 1 year
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
90 domains
wp.au
*.wp.au
*.a.wp.au
*.anatoka.wp.au
*.hatmayetuimefkikia.wp.au
*.kw.wp.au
*.munarudi.wp.au
*.nakuletea.wp.au
*.natowa.wp.au
*.niko.wp.au
*.tunalala.wp.au
*.tunalipeleka.wp.au
*.uko.wp.au
*.umefik.wp.au
*.umezoea.wp.au
*.unaenda.wp.au
*.upo.wp.au
*.utachukuw.wp.au
*.wa.wp.au
*.walal.wp.au
*.wanakaa.wp.au
androidpolice.co
*.androidpolice.co
*.ww38.androidpolice.co
*.www.androidpolice.co
*.a.controller.it
controller.it
*.controller.it
*.mx.controller.it
curilearn.co
*.curilearn.co
*.ww25.curilearn.co
dragonarena.games
*.dragonarena.games
*.mainnet.dragonarena.games
*.metadata.dragonarena.games
dunkrunsonyou.com
*.dunkrunsonyou.com
dustyattic.au
*.dustyattic.au
*.wildcard.dustyattic.au
*.ww25.dustyattic.au
*.ww38.dustyattic.au
evalor.co
*.evalor.co
freeclassifieds.it
*.freeclassifieds.it
*.foryou.funnelxpress.co
*.funlazpro.funnelxpress.co
funnelxpress.co
*.funnelxpress.co
*.review.funnelxpress.co
*.superaffiliatesteps.funnelxpress.co
igasfac.com
*.igasfac.com
*.test.igasfac.com
*.wwww.igasfac.com
inveco.co
*.inveco.co
minegocio.co
*.minegocio.co
mokaku.studio
*.mokaku.studio
*.demo.mycareohio.com
mycareohio.com
*.mycareohio.com
*.random.mycareohio.com
*.ww16.mycareohio.com
*.ww25.mycareohio.com
mygcexperiance.com
*.mygcexperiance.com
*.analyze.oneidea.it
*.api.oneidea.it
*.bi.oneidea.it
*.dev.oneidea.it
oneidea.it
*.oneidea.it
*.superset.oneidea.it
*.audistpaul.salesrsvp.com
*.backend.salesrsvp.com
*.demo.salesrsvp.com
*.nissangalesburg.salesrsvp.com
salesrsvp.com
*.salesrsvp.com
soanstock.com
*.soanstock.com
*.ww25.soanstock.com
*.ww38.soanstock.com
youroptmumhealthcare.com
*.youroptmumhealthcare.com
Other domains in certificate