Open
Cached
·
just now
76/100
SECURITY SCORE
Certificate Information
Subject
CN=cypsuministros.es
Issuer
C=US, O=Let's Encrypt, CN=R13
Valid From
February 06, 2026
Valid Until
May 07, 2026
85 days
Public Key
RSA
4096 bit
Strong
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
41:26:4E:86:C4:24:D3:D5:F4:B9:51:DE:2A:1E:44:2B:E9:CA:69:EB:E9:FF:75:A7:38:00:0A:51:9B:6C:99:44
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Missing
Not configured
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Add Strict-Transport-Security header with max-age of at least 1 year
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
90 domains
dasyolo.com
*.dasyolo.com
cypsuministros.es
*.cypsuministros.es
daikoku.tokyo
*.daikoku.tokyo
danatur.net
*.danatur.net
daniotti.it
*.daniotti.it
dataengineering.info
*.dataengineering.info
datingrealgirl.co.uk
*.datingrealgirl.co.uk
democracyclub.org
*.democracyclub.org
denrtyx.info
*.denrtyx.info
dental-dentistry-190949784.click
*.dental-dentistry-190949784.click
depression-treatments-guide-1.today
*.depression-treatments-guide-1.today
descubra-tudospy.online
*.descubra-tudospy.online
dewanya505.cfd
*.dewanya505.cfd
dfhij.net
*.dfhij.net
difitrustchain.com
*.difitrustchain.com
digitalwebradio.it
*.digitalwebradio.it
djaxsxmbx.net
*.djaxsxmbx.net
dnnetcoin.org
*.dnnetcoin.org
domain-test.cloud
*.domain-test.cloud
doname.site
*.doname.site
dreamyweddingsideas.beauty
*.dreamyweddingsideas.beauty
drivee.co
*.drivee.co
dustdragon.com
*.dustdragon.com
e-l.ch
*.e-l.ch
easydm.me
*.easydm.me
egwfb.net
*.egwfb.net
employee-planning-510702335.click
*.employee-planning-510702335.click
en684.top
*.en684.top
energy-biology.com
*.energy-biology.com
enlist.cloud
*.enlist.cloud
envy-asset.com
*.envy-asset.com
erusilmax.com
*.erusilmax.com
evanmawarireonline.com
*.evanmawarireonline.com
excenes.com
*.excenes.com
exploretanzaniaadventures.com
*.exploretanzaniaadventures.com
eybmo.net
*.eybmo.net
fabivo.com
*.fabivo.com
farmwise.co
*.farmwise.co
ficleon.mx
*.ficleon.mx
findingjoyinretirement.com
*.findingjoyinretirement.com
findingtrigifyservices.com
*.findingtrigifyservices.com
findthedonuthq.com
*.findthedonuthq.com
firepastibayar.vip
*.firepastibayar.vip
fittasi.it
*.fittasi.it
fix-basement-186932087.click
*.fix-basement-186932087.click
Other domains in certificate