Open
Cached
·
just now
76/100
SECURITY SCORE
Detected Technologies
Certificate Information
Subject
CN=annalia.it
Issuer
C=US, O=Let's Encrypt, CN=R13
Valid From
February 04, 2026
Valid Until
May 05, 2026
73 days
Public Key
RSA
4096 bit
Strong
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
AD:36:4F:18:EE:15:4B:D7:BB:A7:B0:6A:DC:EC:B2:5D:5F:5A:F0:79:DF:71:08:96:EB:86:56:7B:41:12:7C:6C
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Add Strict-Transport-Security header with max-age of at least 1 year
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
90 domains
beyondop.com
*.beyondop.com
annalia.it
*.annalia.it
anseraronioduealhere.cyou
*.anseraronioduealhere.cyou
anytimemba.com
*.anytimemba.com
aomoritrout.com
*.aomoritrout.com
aoneinvestmentpro.com
*.aoneinvestmentpro.com
apb26.top
*.apb26.top
apiuh.pro
*.apiuh.pro
apos.xyz
*.apos.xyz
appearsurr.shop
*.appearsurr.shop
aquafire7.com
*.aquafire7.com
arenaiceracing.com
*.arenaiceracing.com
arenaslegend.com
*.arenaslegend.com
arkada-casino-uiy.top
*.arkada-casino-uiy.top
artisticjobmarketplace.click
*.artisticjobmarketplace.click
asan-stock-service-my-xyz.click
*.asan-stock-service-my-xyz.click
assurance-habitation-pas-cher.cfd
*.assurance-habitation-pas-cher.cfd
atmsai.com
*.atmsai.com
autospin777win.com
*.autospin777win.com
autostreet.it
*.autostreet.it
avidmarket.com
*.avidmarket.com
axcentersupervisor.com
*.axcentersupervisor.com
axis.credit
*.axis.credit
axn31.top
*.axn31.top
azura4dbest.com
*.azura4dbest.com
b14875664.com
*.b14875664.com
b14876092.com
*.b14876092.com
b14878828.com
*.b14878828.com
b2badvertising.sbs
*.b2badvertising.sbs
babeltradinginvestment.com
*.babeltradinginvestment.com
baguetting.it
*.baguetting.it
bankfirst.it
*.bankfirst.it
bannercircuit.it
*.bannercircuit.it
bathroom-remodel-nearby.click
*.bathroom-remodel-nearby.click
bayingo16.xyz
*.bayingo16.xyz
bedroom-flats-422956089.click
*.bedroom-flats-422956089.click
belita.co
*.belita.co
beself.it
*.beself.it
bestbuymobiles.com
*.bestbuymobiles.com
beta138-kamboja.xyz
*.beta138-kamboja.xyz
beyond-osaka-402595034.click
*.beyond-osaka-402595034.click
bgt26.top
*.bgt26.top
bh2op.com
*.bh2op.com
bidnowzz.buzz
*.bidnowzz.buzz
biggbossott4.live
*.biggbossott4.live
Other domains in certificate