Open
Cached
·
just now
76/100
SECURITY SCORE
Detected Technologies
Certificate Information
Subject
CN=xtl.de
Issuer
C=US, O=Let's Encrypt, CN=R13
Valid From
May 24, 2026
Valid Until
August 22, 2026
81 days
Public Key
RSA
4096 bit
Strong
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
E5:F8:85:5A:D2:7C:8E:57:B5:FC:EA:07:53:56:FA:74:26:89:E6:4D:8D:D6:7D:D2:FE:AF:35:23:AD:C7:51:75
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Add Strict-Transport-Security header with max-age of at least 1 year
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
90 domains
2x6c.cc
*.2x6c.cc
*.m.2x6c.cc
*.512zg1.amplifyamplifyynexus.info
amplifyamplifyynexus.info
*.amplifyamplifyynexus.info
*.ryx9v6.amplifyamplifyynexus.info
deutsche-rentenversichwrung.de
*.deutsche-rentenversichwrung.de
geologica-acta.com
*.geologica-acta.com
*.ww16.geologica-acta.com
*.457579c4-5540-42b3-9765-4d19bdf78515.honoreats.food
*.64ccdf15-6638-4e37-89fd-a61b5ff4de80.honoreats.food
*.app.honoreats.food
honoreats.food
*.honoreats.food
*.app.namenickel.com
*.backend.namenickel.com
*.files.namenickel.com
*.hostmaster.namenickel.com
*.intranet.namenickel.com
*.legacy.namenickel.com
*.m.namenickel.com
*.mail.namenickel.com
namenickel.com
*.namenickel.com
*.portal.namenickel.com
*.shop.namenickel.com
*.store.namenickel.com
*.vpn.namenickel.com
*.email.nathaliemanfrino.com
nathaliemanfrino.com
*.nathaliemanfrino.com
*.uat.nathaliemanfrino.com
nswav.com.au
*.nswav.com.au
*.qa.qiufeng0425.com
qiufeng0425.com
*.qiufeng0425.com
*.930ccaf1-5c8b-40a3-bb9e-e08e4e799519.schools.baby
*.admin.schools.baby
*.api.schools.baby
*.app.schools.baby
*.assets.schools.baby
*.b62a25b4-72c8-4dcd-9b20-62a46a1535f9.schools.baby
*.backup.schools.baby
*.blog.schools.baby
*.demo.schools.baby
*.dev.schools.baby
*.edit.schools.baby
*.f903f226-4922-4acc-876d-e37f6a9f8c1a.schools.baby
*.m.schools.baby
*.mail.schools.baby
schools.baby
*.schools.baby
*.send.schools.baby
*.shop.schools.baby
*.staging.schools.baby
*.test.schools.baby
*.uat.schools.baby
*.wildcard.schools.baby
*.www.schools.baby
*.admin.screenprintingshirts.com
*.api.screenprintingshirts.com
*.app.screenprintingshirts.com
*.backend.screenprintingshirts.com
*.hostmaster.screenprintingshirts.com
screenprintingshirts.com
*.screenprintingshirts.com
*.share.shgdqingxi.cn
shgdqingxi.cn
*.shgdqingxi.cn
*.api.shopmasstore.art
*.app.shopmasstore.art
*.docs.shopmasstore.art
*.external.shopmasstore.art
*.intranet.shopmasstore.art
*.portal.shopmasstore.art
*.share.shopmasstore.art
shopmasstore.art
*.shopmasstore.art
*.spdgi9.shopmasstore.art
voicefy.store
*.voicefy.store
xtl.de
*.xtl.de
*.preprod.yluuuu.vip
yluuuu.vip
*.yluuuu.vip
Other domains in certificate