Open
Cached
·
just now
76/100
SECURITY SCORE
Detected Technologies
Certificate Information
Subject
CN=forapp.it
Issuer
C=US, O=Let's Encrypt, CN=R12
Valid From
May 15, 2026
Valid Until
August 13, 2026
89 days
Public Key
RSA
4096 bit
Strong
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
04:38:95:2A:8E:CE:BC:12:78:6C:0B:E4:FC:85:29:71:D7:16:26:89:7F:FA:8A:9E:58:E2:59:A7:17:A1:FF:E7
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Add Strict-Transport-Security header with max-age of at least 1 year
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
89 domains
forapp.it
*.forapp.it
*.correo.forapp.it
*.dashs.forapp.it
*.exch2016.forapp.it
*.exchange.forapp.it
*.intel.forapp.it
*.internal.forapp.it
*.metrics.forapp.it
*.notexistsapp.forapp.it
*.notexistsdemo.forapp.it
*.notexistsremote.forapp.it
*.redash.forapp.it
*.report.forapp.it
*.supersets.forapp.it
*.visual.forapp.it
*.api.baihuacloud.art
*.app.baihuacloud.art
*.assets.baihuacloud.art
*.autodiscover.baihuacloud.art
baihuacloud.art
*.baihuacloud.art
*.chat.baihuacloud.art
*.crm.baihuacloud.art
*.demo.baihuacloud.art
*.docs.baihuacloud.art
*.portal.baihuacloud.art
bancatix.com
*.bancatix.com
*.random.bancatix.com
*.ww16.bancatix.com
*.ww25.bancatix.com
*.ww38.bancatix.com
berrierfarmsinc.com
*.berrierfarmsinc.com
*.wildcard.berrierfarmsinc.com
caobb5.com
*.caobb5.com
funipic.de
*.funipic.de
*.pool.funipic.de
geneshealthfoods.com
*.geneshealthfoods.com
*.ww1.geneshealthfoods.com
*.ww25.geneshealthfoods.com
greatplacesincanada.com
*.greatplacesincanada.com
kanawhasherriff.us
*.kanawhasherriff.us
*.ww38.kanawhasherriff.us
koroshitenai.com
*.koroshitenai.com
laptopchargers.com.au
*.laptopchargers.com.au
marquee-jp.com
*.marquee-jp.com
mychildren.org
*.mychildren.org
*.ww25.mychildren.org
n-life.net
*.n-life.net
*.ww38.n-life.net
*.autodiscover.picturespla.net
*.cpcontacts.picturespla.net
picturespla.net
*.picturespla.net
*.webmail.picturespla.net
*.ww25.picturespla.net
*.ww38.picturespla.net
*.7l49w3.positionamplifyywave.info
positionamplifyywave.info
*.positionamplifyywave.info
rapando.net
*.rapando.net
*.random.ritesofspringmovie.com
ritesofspringmovie.com
*.ritesofspringmovie.com
shrekthemusicalontour.com
*.shrekthemusicalontour.com
*.ww38.shrekthemusicalontour.com
*.www.shrekthemusicalontour.com
vectorizor.io
*.vectorizor.io
*.ww25.vectorizor.io
workoutpla.net
*.workoutpla.net
*.m.xnxx.vin
xnxx.vin
*.xnxx.vin
Other domains in certificate