Open
Cached
·
just now
76/100
SECURITY SCORE
Detected Technologies
Certificate Information
Subject
CN=demax.it
Issuer
C=US, O=Let's Encrypt, CN=R12
Valid From
April 05, 2026
Valid Until
July 04, 2026
55 days
Public Key
RSA
4096 bit
Strong
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
D0:83:10:76:63:88:84:8F:2E:7F:33:07:AA:D0:59:3E:72:72:6C:22:12:A1:4E:E9:75:F2:B1:38:A4:43:95:9F
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Add Strict-Transport-Security header with max-age of at least 1 year
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
89 domains
demax.it
*.demax.it
*.analytic.demax.it
*.analytics.demax.it
*.dashboard.demax.it
*.hostmaster.demax.it
*.metrics.demax.it
*.mx.demax.it
*.telebuna.demax.it
*.visual.demax.it
39da77aq.cc
*.39da77aq.cc
*.airflow.baniitai.info
baniitai.info
*.baniitai.info
*.test.baniitai.info
*.6c050a88-7653-4455-9b20-6350f6d2b70c.blogger.best
*.8a596fef-e529-40ae-bdc8-79d9dca78c9b.blogger.best
*.archive.blogger.best
*.assets.blogger.best
*.beta.blogger.best
blogger.best
*.blogger.best
*.cebiwwqf.blogger.best
*.dan.blogger.best
*.help.blogger.best
*.hostmaster.blogger.best
*.intranet.blogger.best
*.m.blogger.best
*.site.blogger.best
*.yswyldxzwwsite.blogger.best
nationsbenfit.com
*.nationsbenfit.com
*.admin.skan2er-mch.com
*.cllups.skan2er-mch.com
*.htbbektzrgh.skan2er-mch.com
skan2er-mch.com
*.skan2er-mch.com
*.store.skan2er-mch.com
toysquare.de
*.toysquare.de
*.u.toysquare.de
*.6f7a8d06-9f78-4370-88b4-561001ee50dd.wigforme.com
*.access.wigforme.com
*.admin.wigforme.com
*.api.wigforme.com
*.app.wigforme.com
*.b96f783a-d5bd-449d-850a-b0039c047671.wigforme.com
*.backup.wigforme.com
*.branches.wigforme.com
*.cpanel.wigforme.com
*.cvongaccess.wigforme.com
*.dashboard.wigforme.com
*.dev.wigforme.com
*.docs.wigforme.com
*.external.wigforme.com
*.gwdoydashboard.wigforme.com
*.hostmaster.wigforme.com
*.intranet.wigforme.com
*.irxjyexternal.wigforme.com
*.local.wigforme.com
*.locations.wigforme.com
*.m.wigforme.com
*.mail.wigforme.com
*.marketing.wigforme.com
*.mjsvwmailer.wigforme.com
*.mta-sts.wigforme.com
*.my.wigforme.com
*.oaloobackup.wigforme.com
*.oozpmvwihfmarketing.wigforme.com
*.oqxqxmta-sts.wigforme.com
*.qa.wigforme.com
*.quvsaerl.wigforme.com
*.sdpzvdashboard.wigforme.com
*.secure.wigforme.com
*.share.wigforme.com
*.staging.wigforme.com
*.stg.wigforme.com
*.stores.wigforme.com
*.uat.wigforme.com
*.v1.wigforme.com
*.v2.wigforme.com
*.vwihfmarketing.wigforme.com
*.web.wigforme.com
*.webmail.wigforme.com
wigforme.com
*.wigforme.com
*.www.wigforme.com
*.zfblpm.wigforme.com
Other domains in certificate