SSL Certificate Analysis for mail.hardfree.it - Security Grade & TLS Configuration

Open Cached · just now

76/100 SECURITY SCORE

Detected Technologies

See all in URL Inspect 1

Let's Encrypt

Certificate Information

Subject

CN=mediaflixonline.com

Issuer

C=US, O=Let's Encrypt, CN=R13

Valid From

May 19, 2026

Valid Until

August 17, 2026 62 days

Public Key

RSA 4096 bit Strong

Signature Algorithm

SHA256-RSA

SHA-256 Fingerprint

FC:BF:D3:F6:F1:41:CB:59:D1:1C:E2:7A:D5:19:DB:BA:F1:E7:F8:B1:6A:E7:C4:7A:35:00:B0:C1:10:59:8A:9A

Alternative Names

89 domains

Security Configuration

TLS Protocols

TLS 1.2 TLS 1.3

Forward Secrecy

Supported (Modern clients use PFS)

HTTP Security Headers

Status

Strict-Transport-Security

Missing

Not configured

Content-Security-Policy

Missing

Not configured Analyze

Content-Security-Policy-Report-Only

Missing

Not configured Analyze

X-Frame-Options

Missing

Not configured

X-Content-Type-Options

Missing

Not configured

Referrer-Policy

Missing

Not configured

Permissions-Policy

Missing

Not configured

Recommendations

• Add Strict-Transport-Security header with max-age of at least 1 year
• Add Content-Security-Policy header to prevent XSS attacks
• Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
• Add X-Content-Type-Options: nosniff
• Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
• Consider adding Permissions-Policy to control browser features

CAA Records (Certificate Authority Authorization)

CAA Records

Not Configured (Any CA can issue certificates)

CAA Issues

• No CAA records configured - any CA can issue certificates

Recommendations

• Implement CAA records to restrict which CAs can issue certificates for your domain
• This adds an extra layer of security against unauthorized certificate issuance
• Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
• Consider adding 'iodef' record to receive security incident reports

Subject Alternative Names

89 domains

hardfree.it *.hardfree.it *.demo.hardfree.it *.mail.hardfree.it *.webmail.hardfree.it

Other domains in certificate

ageingcare.com *.ageingcare.com *.ww1.ageingcare.com *.ww17.ageingcare.com *.ww38.ageingcare.com

*.comune.crackheaps.com crackheaps.com *.crackheaps.com

ericondren.com *.ericondren.com *.wildcard.ericondren.com *.ww25.ericondren.com

gulfwindseastdestin.com *.gulfwindseastdestin.com *.ww25.gulfwindseastdestin.com

*.book.mediaflixonline.com mediaflixonline.com *.mediaflixonline.com *.sport.mediaflixonline.com

orien.life *.orien.life

*.mail.smoko.eu smoko.eu *.smoko.eu

teenpattibox.com *.teenpattibox.com *.ww25.teenpattibox.com

*.88c32da7-6e89-4944-8e17-2471c2f5af78.uwmychart.org *.admin.uwmychart.org *.alpha.uwmychart.org *.analytics.uwmychart.org *.ann.uwmychart.org *.api.uwmychart.org *.app.uwmychart.org *.assets.uwmychart.org *.backend.uwmychart.org *.backup.uwmychart.org *.board.uwmychart.org *.clickhouse.uwmychart.org *.console.uwmychart.org *.dash.uwmychart.org *.dashboard.uwmychart.org *.data.uwmychart.org *.demo.uwmychart.org *.dev.uwmychart.org *.development.uwmychart.org *.euhmbnotexistsstaging.uwmychart.org *.home.uwmychart.org *.hostmaster.uwmychart.org *.internal.uwmychart.org *.m.uwmychart.org *.mail.uwmychart.org *.mobile.uwmychart.org *.mpmswreport.uwmychart.org *.msnqywwe.uwmychart.org *.mychart.uwmychart.org *.news.uwmychart.org *.notexistsstaging.uwmychart.org *.pipeline.uwmychart.org *.preprod.uwmychart.org *.random.uwmychart.org *.remote.uwmychart.org *.report.uwmychart.org *.reporting.uwmychart.org *.research.uwmychart.org *.staging.uwmychart.org *.status.uwmychart.org *.summary.uwmychart.org *.superset.uwmychart.org *.uat.uwmychart.org uwmychart.org *.uwmychart.org *.wap.uwmychart.org *.web.uwmychart.org *.webmail.uwmychart.org *.wp.uwmychart.org *.wwe.uwmychart.org *.www.uwmychart.org *.ycxlwinternal.uwmychart.org

*.qww.wheresgorge.com wheresgorge.com *.wheresgorge.com *.wildcard.wheresgorge.com *.ww25.wheresgorge.com