Open
Cached
·
just now
76/100
SECURITY SCORE
Detected Technologies
Certificate Information
Subject
CN=sdsanto-markus2.org
Issuer
C=US, O=Let's Encrypt, CN=R13
Valid From
May 13, 2026
Valid Until
August 11, 2026
77 days
Public Key
RSA
4096 bit
Strong
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
16:71:07:6F:EA:44:EC:8E:BB:DD:76:D0:70:5C:CC:43:CB:E8:FA:DE:46:33:8D:29:52:5A:D1:0D:BD:C5:84:90
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Add Strict-Transport-Security header with max-age of at least 1 year
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
90 domains
protechpick.tech
*.protechpick.tech
*.32.protechpick.tech
bellsiuth.net
*.bellsiuth.net
*.byus.bellsiuth.net
*.chiquiteellis.bellsiuth.net
*.cirp.bellsiuth.net
*.co.bellsiuth.net
*.dk.bellsiuth.net
*.hime.bellsiuth.net
*.home.bellsiuth.net
*.mail.bellsiuth.net
*.random.bellsiuth.net
*.webmeil.bellsiuth.net
bitexcoinx.com
*.bitexcoinx.com
*.dev.bitexcoinx.com
*.ww1.bitexcoinx.com
*.ww38.bitexcoinx.com
*.ww7.bitexcoinx.com
*.www.bitexcoinx.com
brandstorm.world
*.brandstorm.world
*.jdh5lo.brandstorm.world
ccdegh.xyz
*.ccdegh.xyz
*.api.deepqnetworks.com
deepqnetworks.com
*.deepqnetworks.com
*.admin.dolcinotti.it
*.ai.dolcinotti.it
*.api.dolcinotti.it
*.backend.dolcinotti.it
*.dashs.dolcinotti.it
*.dev.dolcinotti.it
dolcinotti.it
*.dolcinotti.it
*.redash.dolcinotti.it
*.staging.dolcinotti.it
einrichtungbeispiele.de
*.einrichtungbeispiele.de
*.32.mostlyirrelevant.info
mostlyirrelevant.info
*.mostlyirrelevant.info
opentheretirementos.com
*.opentheretirementos.com
patrolaval.co
*.patrolaval.co
psolove.fun
*.psolove.fun
*.backend.radiox.live
*.cicd.radiox.live
*.preprod.radiox.live
radiox.live
*.radiox.live
*.rustore.radiox.live
*.sitemap.radiox.live
*.staging.radiox.live
*.ww16.radiox.live
*.ww25.radiox.live
*.ww38.radiox.live
*.www.radiox.live
reachingscalestrategy.co
*.reachingscalestrategy.co
*.api.sdsanto-markus2.org
sdsanto-markus2.org
*.sdsanto-markus2.org
*.staging.sdsanto-markus2.org
*.uat.sdsanto-markus2.org
*.yfn4xa.sdsanto-markus2.org
*.cbhl3x.trainersvaultcards.shop
trainersvaultcards.shop
*.trainersvaultcards.shop
*.app.trendgruppevorteil.com
*.pvadlezoami.trendgruppevorteil.com
*.sitemap.trendgruppevorteil.com
*.sitemaps.trendgruppevorteil.com
trendgruppevorteil.com
*.trendgruppevorteil.com
*.ww1.trendgruppevorteil.com
triotrektrust.xyz
*.triotrektrust.xyz
trybrandaccurate.com
*.trybrandaccurate.com
*.dev.winonline.it
*.owa.winonline.it
*.superset.winonline.it
winonline.it
*.winonline.it
Other domains in certificate