Open
Cached
·
just now
76/100
SECURITY SCORE
Detected Technologies
Certificate Information
Subject
CN=clothingdiscount.it
Issuer
C=US, O=Let's Encrypt, CN=R13
Valid From
April 08, 2026
Valid Until
July 07, 2026
33 days
Public Key
RSA
4096 bit
Strong
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
F5:EA:50:1C:3C:B8:62:40:8E:98:68:52:72:36:BE:6C:44:CC:4F:B2:07:90:8E:70:86:83:D0:FD:DB:C6:DE:39
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Add Strict-Transport-Security header with max-age of at least 1 year
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
74 domains
trufa.it
*.trufa.it
*.reporting.trufa.it
bintang-judi.click
*.bintang-judi.click
*.conteudo.bintang-judi.click
button.cm
*.button.cm
*.random.button.cm
clothingdiscount.it
*.clothingdiscount.it
creeitonebank.com
*.creeitonebank.com
darkwanderer.com
*.darkwanderer.com
*.random.darkwanderer.com
dogeprime.online
*.dogeprime.online
*.cpanel.doohee.xyz
doohee.xyz
*.doohee.xyz
dreemtimewhippet.com
*.dreemtimewhippet.com
*.www.dreemtimewhippet.com
eaststreams.ms
*.eaststreams.ms
*.ww16.eaststreams.ms
*.ww38.eaststreams.ms
getfikfap.com
*.getfikfap.com
gkmultan.com
*.gkmultan.com
labagrut.net
*.labagrut.net
*.webmail.labagrut.net
lpplt.com
*.lpplt.com
*.ww38.lpplt.com
*.dl.mp3home.me
mp3home.me
*.mp3home.me
newssierraleone.com
*.newssierraleone.com
pixday.bet
*.pixday.bet
*.random.republicans.au
republicans.au
*.republicans.au
*.hostmaster.rockthehousehoc.com
*.mx.rockthehousehoc.com
rockthehousehoc.com
*.rockthehousehoc.com
*.www.rockthehousehoc.com
safemax.online
*.safemax.online
solution-informatique-en-ligne.online
*.solution-informatique-en-ligne.online
travela.it
*.travela.it
*.email.tubemilk.com
*.mymail.tubemilk.com
*.rds1.tubemilk.com
*.rdweb.tubemilk.com
*.sslvpn.tubemilk.com
tubemilk.com
*.tubemilk.com
*.vpn.tubemilk.com
*.vpn2.tubemilk.com
*.ww25.tubemilk.com
*.www.tubemilk.com
vehicleaccidentlawyer.com.au
*.vehicleaccidentlawyer.com.au
yareli.it
*.yareli.it
Other domains in certificate