Open
Cached
·
just now
76/100
SECURITY SCORE
Detected Technologies
Certificate Information
Subject
CN=mariacarla.it
Issuer
C=US, O=Let's Encrypt, CN=R13
Valid From
February 04, 2026
Valid Until
May 05, 2026
80 days
Public Key
RSA
4096 bit
Strong
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
DF:94:4E:1D:DC:B3:A4:5B:B8:EF:02:DB:CB:9E:5D:75:7D:EC:48:D2:AB:F6:FD:03:0E:34:6A:78:DE:AD:4C:E2
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Missing
Not configured
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Add Strict-Transport-Security header with max-age of at least 1 year
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
89 domains
noterror.it
*.noterror.it
mariacarla.it
*.mariacarla.it
mcubeonline.com
*.mcubeonline.com
meledak77broh.click
*.meledak77broh.click
mnsbs.pro
*.mnsbs.pro
mobilephonebizopportunity.com
*.mobilephonebizopportunity.com
moonlightonthemtn.com
*.moonlightonthemtn.com
morotriloficial.com
*.morotriloficial.com
movesphere.org
*.movesphere.org
mpinfotechug.com
*.mpinfotechug.com
multiformat.it
*.multiformat.it
mypoint.it
*.mypoint.it
namaskar.it
*.namaskar.it
neos.vision
*.neos.vision
*.store.neos.vision
newclik.it
*.newclik.it
newlearning.it
*.newlearning.it
nfuys.vip
*.nfuys.vip
nioeraronitasdalsion.cyou
*.nioeraronitasdalsion.cyou
nowforyou.it
*.nowforyou.it
odettepharma.com
*.odettepharma.com
office-space-vn-3nd.click
*.office-space-vn-3nd.click
ohk6azzhk7ia.cc
*.ohk6azzhk7ia.cc
oka.it
*.oka.it
omsorghealth.com
*.omsorghealth.com
onemorething.it
*.onemorething.it
opensecureuptime.com
*.opensecureuptime.com
organicvally.com
*.organicvally.com
ouroffice.net
*.ouroffice.net
ourstory.it
*.ourstory.it
p38afz0.shop
*.p38afz0.shop
panen99-playground.vip
*.panen99-playground.vip
par.it
*.par.it
parcoblu.it
*.parcoblu.it
pdhbo.pro
*.pdhbo.pro
perfectweddingday.cfd
*.perfectweddingday.cfd
perfectwoman.org
*.perfectwoman.org
persoperperso.it
*.persoperperso.it
pflegekrafte-gesucht-1.cfd
*.pflegekrafte-gesucht-1.cfd
photofree.it
*.photofree.it
picciolini.it
*.picciolini.it
pinupbaku.com
*.pinupbaku.com
planted.it
*.planted.it
play-frost-adventure.xyz
*.play-frost-adventure.xyz
play-whisper-terminal.xyz
*.play-whisper-terminal.xyz
Other domains in certificate