Open
Cached
·
just now
76/100
SECURITY SCORE
Detected Technologies
Certificate Information
Subject
CN=lovebag.it
Issuer
C=US, O=Let's Encrypt, CN=R13
Valid From
April 06, 2026
Valid Until
July 05, 2026
41 days
Public Key
RSA
4096 bit
Strong
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
5F:CB:FD:EA:28:2B:AB:AB:8E:29:86:22:4F:FB:E4:22:51:44:06:46:4D:8F:7A:D2:72:19:15:13:0D:6C:6E:1B
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Add Strict-Transport-Security header with max-age of at least 1 year
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
90 domains
lovebag.it
*.lovebag.it
*.api.lovebag.it
*.app.lovebag.it
*.metric.lovebag.it
*.staging.lovebag.it
1088yhj301.top
*.1088yhj301.top
19269.locker
*.19269.locker
3318205.vip
*.3318205.vip
3318206.vip
*.3318206.vip
3318209.vip
*.3318209.vip
999643adh2.sbs
*.999643adh2.sbs
999854a6.sbs
*.999854a6.sbs
chinaccs.it.com
*.chinaccs.it.com
etiennedelacroix.it.com
*.etiennedelacroix.it.com
fablenight.com
*.fablenight.com
ghxlw.pet
*.ghxlw.pet
hongkong-gen-bit.it.com
*.hongkong-gen-bit.it.com
ingridlombard.it.com
*.ingridlombard.it.com
laurencemallet.it.com
*.laurencemallet.it.com
lawmarketingmaster.com
*.lawmarketingmaster.com
*.api.livebadai.xyz
*.app.livebadai.xyz
livebadai.xyz
*.livebadai.xyz
*.ww25.livebadai.xyz
*.ww38.livebadai.xyz
mariedeschamps.it.com
*.mariedeschamps.it.com
motorcycleloans.net
*.motorcycleloans.net
*.ww25.motorcycleloans.net
*.admin.mottalciata.com
*.argo.mottalciata.com
*.hostmaster.mottalciata.com
*.jobs.mottalciata.com
mottalciata.com
*.mottalciata.com
*.remote.mottalciata.com
*.static.mottalciata.com
*.superset-prod.mottalciata.com
*.workflow.mottalciata.com
*.anopino.profdez24.ru
*.diveevo.profdez24.ru
*.domodedovo.profdez24.ru
*.iglino.profdez24.ru
*.kachug.profdez24.ru
*.kormilovka.profdez24.ru
*.lvovskiy.profdez24.ru
*.mihaylovskoe.profdez24.ru
*.nikel.profdez24.ru
profdez24.ru
*.profdez24.ru
*.proletarskiy.profdez24.ru
*.rybinsk.profdez24.ru
*.svetlyy.profdez24.ru
*.tim.profdez24.ru
pt888.xyz
*.pt888.xyz
*.comune.rivermead.com
*.mvideo.rivermead.com
rivermead.com
*.rivermead.com
*.shop.rivermead.com
*.usa.rivermead.com
*.ww.rivermead.com
*.ww25.rivermead.com
ulyssemorel.it.com
*.ulyssemorel.it.com
*.nav.yagpbd.xyz
*.pipeline.yagpbd.xyz
*.ww1.yagpbd.xyz
*.ww38.yagpbd.xyz
yagpbd.xyz
*.yagpbd.xyz
Other domains in certificate