DNS Gurus
Cached · just now
79/100 SECURITY SCORE

Detected Technologies

See all in URL Inspect 1
Let's Encrypt logo Let's Encrypt

Certificate Information

Subject
CN=museums.it.com
Issuer
C=US, O=Let's Encrypt, CN=R12
Valid From
February 09, 2026
Valid Until
May 10, 2026 76 days
Public Key
RSA 4096 bit Strong
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
3F:ED:EF:8A:F4:B2:E8:05:C3:FB:05:4D:4D:7C:0D:15:56:1A:24:7F:86:DE:FB:F6:5C:B7:3B:0B:C9:16:07:D3
Alternative Names
90 domains

Security Configuration

TLS Protocols
TLS 1.2 TLS 1.3
Forward Secrecy
Supported (Modern clients use PFS)

HTTP Security Headers

Status
Strict-Transport-Security
Missing
Not configured
Content-Security-Policy
Missing
Not configured Analyze
Content-Security-Policy-Report-Only
Missing
Not configured Analyze
X-Frame-Options
Good
SAMEORIGIN
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
  • Add Strict-Transport-Security header with max-age of at least 1 year
  • Add Content-Security-Policy header to prevent XSS attacks
  • Add X-Content-Type-Options: nosniff
  • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
  • Consider adding Permissions-Policy to control browser features

CAA Records (Certificate Authority Authorization)

CAA Records
Not Configured (Any CA can issue certificates)
CAA Issues
  • No CAA records configured - any CA can issue certificates
Recommendations
  • Implement CAA records to restrict which CAs can issue certificates for your domain
  • This adds an extra layer of security against unauthorized certificate issuance
  • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
  • Consider adding 'iodef' record to receive security incident reports

Subject Alternative Names

90 domains
rahmaansons.com *.rahmaansons.com

Other domains in certificate

cheapnfldolphinsjerseys.site *.cheapnfldolphinsjerseys.site
clearsinsteadofsmears.com *.clearsinsteadofsmears.com
cloudagency.site *.cloudagency.site
coldemaillabs.us *.coldemaillabs.us
countyofoswegoida.site *.countyofoswegoida.site
cthink.top *.cthink.top
dadiao.sbs *.dadiao.sbs
dexblockchain.com *.dexblockchain.com
doyoh.sbs *.doyoh.sbs
dunked.asia *.dunked.asia
dynamicdocuments.site *.dynamicdocuments.site
eaglemoss-shop.site *.eaglemoss-shop.site
eclipsesolution.site *.eclipsesolution.site
ecobux.site *.ecobux.site
ecocomedoresescolaresdecanarias.com *.ecocomedoresescolaresdecanarias.com
elector.club *.elector.club
museums.it.com *.museums.it.com
naturereviews-subscriptions.com *.naturereviews-subscriptions.com
new-water-heater-installation.site *.new-water-heater-installation.site
onlineweb3.com *.onlineweb3.com
panipromo.site *.panipromo.site
payingtoomuch.co *.payingtoomuch.co
personaintimates.com *.personaintimates.com
powtick.com *.powtick.com
prep-credit-card-jp-mb10.click *.prep-credit-card-jp-mb10.click
primacy.work *.primacy.work
quannnic.ninja *.quannnic.ninja
queenstreet.net *.queenstreet.net
quieroviaje.app *.quieroviaje.app
r2008r.sbs *.r2008r.sbs
raagjatt.vip *.raagjatt.vip
rovebrandrecruitment.online *.rovebrandrecruitment.online
safiraslot.live *.safiraslot.live
sbo991.pro *.sbo991.pro
senahost.com *.senahost.com
servicio-de-camaras-de-vigilancia-1.cfd *.servicio-de-camaras-de-vigilancia-1.cfd
slota2.site *.slota2.site
somethinginclabs.com *.somethinginclabs.com
sportingtoulonvar.com *.sportingtoulonvar.com
stargatek.com *.stargatek.com
steelsupplycolorado.com *.steelsupplycolorado.com
stopgreenwash.org *.stopgreenwash.org
sunsemper.site *.sunsemper.site
swayr.toys *.swayr.toys