Open
Cached
·
just now
76/100
SECURITY SCORE
Detected Technologies
Certificate Information
Subject
CN=moneypass.it
Issuer
C=US, O=Let's Encrypt, CN=R12
Valid From
April 24, 2026
Valid Until
July 23, 2026
46 days
Public Key
RSA
4096 bit
Strong
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
F2:51:43:1F:23:CD:C8:19:4F:DC:77:04:32:0B:49:7C:3D:03:21:C6:D7:6B:13:B1:02:A3:65:68:8D:B6:DD:0F
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Add Strict-Transport-Security header with max-age of at least 1 year
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
90 domains
moneypass.it
*.moneypass.it
*.dashboards.moneypass.it
*.land.moneypass.it
*.mmx.moneypass.it
*.mx.moneypass.it
*.stats.moneypass.it
*.visual.moneypass.it
*.55690e20-79ef-441d-9db7-fb168651f3e8.cuisineorleans.com
*.79f49e21-4ca3-4d02-902d-1a45c77e1d5e.cuisineorleans.com
*.7fd22d07-c0be-41b7-99a1-aff14bd2c841.cuisineorleans.com
*.99130890-9985-4ab5-a222-d64fbcbe3167.cuisineorleans.com
*.ab707ab2-9653-499f-b0af-b076613f5260.cuisineorleans.com
*.admin.cuisineorleans.com
*.api.cuisineorleans.com
*.app.cuisineorleans.com
*.assets.cuisineorleans.com
*.backup.cuisineorleans.com
*.blog.cuisineorleans.com
*.c116f902-79d9-4860-8d59-7cf389f5f6c5.cuisineorleans.com
cuisineorleans.com
*.cuisineorleans.com
*.db4adf4b-7a7d-405a-b8a8-4336fa3b7694.cuisineorleans.com
*.demo.cuisineorleans.com
*.dev.cuisineorleans.com
*.ebay.cuisineorleans.com
*.hostmaster.cuisineorleans.com
*.new.cuisineorleans.com
*.omsk.cuisineorleans.com
*.remote.cuisineorleans.com
*.sslvpn.cuisineorleans.com
*.staging.cuisineorleans.com
*.test.cuisineorleans.com
*.testing.cuisineorleans.com
*.uat.cuisineorleans.com
*.vpn.cuisineorleans.com
*.www.cuisineorleans.com
*.alpha.deshi49.com
*.articles.deshi49.com
*.bangladeshi.deshi49.com
deshi49.com
*.deshi49.com
*.hd.deshi49.com
*.indian.deshi49.com
*.proxy.deshi49.com
*.xnx.deshi49.com
*.xnxx.deshi49.com
*.xxx.deshi49.com
*.api.ihlm.it
*.app.ihlm.it
*.dashboards.ihlm.it
*.dev.ihlm.it
ihlm.it
*.ihlm.it
*.intel.ihlm.it
*.reports.ihlm.it
*.owa.powermax.co.uk
*.payment.powermax.co.uk
powermax.co.uk
*.powermax.co.uk
rgystxnbca.net
*.rgystxnbca.net
*.ww38.rgystxnbca.net
sararadio.com
*.sararadio.com
tenxunl.shop
*.tenxunl.shop
*.97241296-e16f-4177-8f3c-d5beac23a0c3.wdroof.com
*.a.wdroof.com
*.admin.wdroof.com
*.api.wdroof.com
*.backup.wdroof.com
*.c93f2616-147b-4d80-80ec-173bbb0e3115.wdroof.com
*.dashboard.wdroof.com
*.docs.wdroof.com
*.evo.wdroof.com
*.external.wdroof.com
*.intranet.wdroof.com
*.mail.wdroof.com
*.rd.wdroof.com
*.rds.wdroof.com
*.remote.wdroof.com
*.sbyjdassets.wdroof.com
*.school.wdroof.com
*.secure.wdroof.com
*.stg.wdroof.com
*.v2.wdroof.com
wdroof.com
*.wdroof.com
*.www.wdroof.com
Other domains in certificate