Open
Cached
·
just now
76/100
SECURITY SCORE
Detected Technologies
Certificate Information
Subject
CN=sextoday.it
Issuer
C=US, O=Let's Encrypt, CN=R13
Valid From
March 03, 2026
Valid Until
June 01, 2026
36 days
Public Key
RSA
4096 bit
Strong
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
FC:BC:B6:AE:C1:9B:65:5B:8D:9C:6E:BC:FA:87:96:84:D6:53:A0:D6:16:D9:B8:7B:EA:FE:C1:91:0C:B4:F0:1D
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Add Strict-Transport-Security header with max-age of at least 1 year
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
90 domains
sextoday.it
*.sextoday.it
*.data.sextoday.it
*.ace.advertsing.com
*.adaptv.advertsing.com
*.adtech.advertsing.com
advertsing.com
*.advertsing.com
*.auth.advertsing.com
*.comune.advertsing.com
*.edge.advertsing.com
*.forum.advertsing.com
*.imap4.advertsing.com
*.labs.advertsing.com
*.newsite.advertsing.com
*.old.advertsing.com
*.origin.advertsing.com
*.pilsnet.advertsing.com
*.uk.advertsing.com
*.visualize.advertsing.com
*.viz.advertsing.com
*.ww17.advertsing.com
amazpon.in
*.amazpon.in
*.sellerflex.amazpon.in
asahitower.net
*.asahitower.net
*.rtpresmi7772.asahitower.net
*.api.carvan.site
*.app.carvan.site
*.backend.carvan.site
*.bundourn.carvan.site
carvan.site
*.carvan.site
*.flow.carvan.site
*.hostmaster.carvan.site
*.my.carvan.site
*.poj0uctynfhl998q.carvan.site
conservativeideas.org
*.conservativeideas.org
*.hostmaster.conservativeideas.org
*.checkout.credit-cards05.online
credit-cards05.online
*.credit-cards05.online
*.webmail.credit-cards05.online
*.www.credit-cards05.online
diesamateurmatch.com
*.diesamateurmatch.com
*.ww16.diesamateurmatch.com
*.api.dizzlogin.com
*.app.dizzlogin.com
*.backend.dizzlogin.com
*.development.dizzlogin.com
dizzlogin.com
*.dizzlogin.com
*.admin.linizio.it
linizio.it
*.linizio.it
*.owa.linizio.it
*.backend.myreal.it
*.ci.myreal.it
*.hostmaster.myreal.it
myreal.it
*.myreal.it
*.admin.prubenfitscenter.com
*.backup.prubenfitscenter.com
*.beta.prubenfitscenter.com
*.blog.prubenfitscenter.com
*.crm.prubenfitscenter.com
*.demo.prubenfitscenter.com
*.forum.prubenfitscenter.com
*.help.prubenfitscenter.com
*.hostmaster.prubenfitscenter.com
*.localhost.prubenfitscenter.com
*.m.prubenfitscenter.com
*.new.prubenfitscenter.com
*.old.prubenfitscenter.com
prubenfitscenter.com
*.prubenfitscenter.com
*.remote.prubenfitscenter.com
*.shop.prubenfitscenter.com
*.store.prubenfitscenter.com
*.temp.prubenfitscenter.com
rigol-signet-asper.space
*.rigol-signet-asper.space
*.shop.rigol-signet-asper.space
*.random.stream2east.com
stream2east.com
*.stream2east.com
*.ww16.stream2east.com
Other domains in certificate