Open
Cached
·
just now
76/100
SECURITY SCORE
Detected Technologies
Certificate Information
Subject
CN=mascalzoni.com
Issuer
C=US, O=Let's Encrypt, CN=R13
Valid From
February 24, 2026
Valid Until
May 25, 2026
89 days
Public Key
RSA
4096 bit
Strong
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
0B:58:0C:BC:ED:A0:BB:E8:E8:CC:96:43:8B:A5:38:21:05:57:45:A5:2A:74:E5:1D:F2:8D:AD:E5:C5:BB:CC:0B
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Add Strict-Transport-Security header with max-age of at least 1 year
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
90 domains
programmatoriweb.com
*.programmatoriweb.com
barmlecznystodola.pl
*.barmlecznystodola.pl
*.ww38.barmlecznystodola.pl
caringbidge.org
*.caringbidge.org
*.ww25.caringbidge.org
cbdreviews.net
*.cbdreviews.net
*.mail.cbdreviews.net
*.api.coalizioni.com
coalizioni.com
*.coalizioni.com
*.www.coalizioni.com
couple.au
*.couple.au
*.en.couple.au
*.un.couple.au
*.cdn.golights.com.au
golights.com.au
*.golights.com.au
*.search.golights.com.au
*.staging.golights.com.au
*.superset.golights.com.au
*.ww16.golights.com.au
*.ww17.golights.com.au
*.ww25.golights.com.au
*.www.golights.com.au
hobbylabs.com
*.hobbylabs.com
*.cpanel.idyllerencontre.fr
idyllerencontre.fr
*.idyllerencontre.fr
*.www.idyllerencontre.fr
insatiabledemand.com
*.insatiabledemand.com
*.www.insatiabledemand.com
jarfallaridcenter.se
*.jarfallaridcenter.se
*.ww38.jarfallaridcenter.se
*.hostmaster.mascalzoni.com
*.mail2.mascalzoni.com
mascalzoni.com
*.mascalzoni.com
*.donation.motorcyclespecs.us
motorcyclespecs.us
*.motorcyclespecs.us
newschannel7.com
*.newschannel7.com
*.us.newschannel7.com
*.mail.niokaronisdvealtrl.cyou
niokaronisdvealtrl.cyou
*.niokaronisdvealtrl.cyou
*.pop.niokaronisdvealtrl.cyou
*.hostmaster.pgatour.it
pgatour.it
*.pgatour.it
*.mail.plnkaronioasdaltsavvy.shop
plnkaronioasdaltsavvy.shop
*.plnkaronioasdaltsavvy.shop
*.pop.plnkaronioasdaltsavvy.shop
*.whm.plnkaronioasdaltsavvy.shop
*.dev.rainbowlooms.com
*.forums.rainbowlooms.com
*.mail.rainbowlooms.com
rainbowlooms.com
*.rainbowlooms.com
*.rustore.rainbowlooms.com
*.sitemap.rainbowlooms.com
*.sitemaps.rainbowlooms.com
*.ww16.rainbowlooms.com
*.autodiscover.snippy.com.au
*.random.snippy.com.au
snippy.com.au
*.snippy.com.au
*.ww38.snippy.com.au
swsnsonvitamins.com
*.swsnsonvitamins.com
*.ww25.swsnsonvitamins.com
*.com.vacwarbirds.net
vacwarbirds.net
*.vacwarbirds.net
*.1www.youjizz18.com
*.airflow.youjizz18.com
*.ww25.youjizz18.com
*.ww38.youjizz18.com
*.www.youjizz18.com
youjizz18.com
*.youjizz18.com
Other domains in certificate