Open
Cached
·
just now
76/100
SECURITY SCORE
Detected Technologies
Certificate Information
Subject
CN=volkswagen-das-auto2412.sbs
Issuer
C=US, O=Let's Encrypt, CN=R12
Valid From
February 06, 2026
Valid Until
May 07, 2026
74 days
Public Key
RSA
4096 bit
Strong
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
E1:FA:6F:FE:E4:56:F6:6B:42:EC:B6:DE:EC:88:D4:23:9B:D2:7A:97:EB:3E:D5:EE:7C:67:7F:08:F0:A9:6E:B1
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Add Strict-Transport-Security header with max-age of at least 1 year
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
90 domains
amglaunch.com
*.amglaunch.com
*.ae6cb031-51fb-48f1-8f3d-dec469552f13.amglaunch.com
*.api.amglaunch.com
*.backup.amglaunch.com
*.c50065e8-4ca1-4a02-8ff6-bf21732ee6ab.amglaunch.com
*.neu.amglaunch.com
*.staging.amglaunch.com
*.vpn.amglaunch.com
3six9.space
*.3six9.space
*.app.3six9.space
*.website.3six9.space
alaskanmalmutes.com
*.alaskanmalmutes.com
assuringlearning.com
*.assuringlearning.com
*.cicd.assuringlearning.com
*.mail.assuringlearning.com
*.mx01.assuringlearning.com
*.random.assuringlearning.com
blocketpay.com
*.blocketpay.com
*.whatsapp.blocketpay.com
blueheight.click
*.blueheight.click
bridge-soch.com
*.bridge-soch.com
chaffee.life
*.chaffee.life
*.4edh0z39wseupympg2s25luof.companydao.site
companydao.site
*.companydao.site
*.form.companydao.site
*.home.companydao.site
*.inspirecollective.companydao.site
*.landing.companydao.site
*.stage.companydao.site
dokymentu.online
*.dokymentu.online
*.00484.getlive-podcast.com
*.29f80.getlive-podcast.com
*.2fe2b.getlive-podcast.com
*.32277.getlive-podcast.com
*.7224f.getlive-podcast.com
*.81aa3.getlive-podcast.com
*.f8b7f.getlive-podcast.com
getlive-podcast.com
*.getlive-podcast.com
*.rustore.getlive-podcast.com
*.admin.home-of-speed.com
home-of-speed.com
*.home-of-speed.com
*.ww1.home-of-speed.com
kiiraz.shop
*.kiiraz.shop
*.sitemap.kiiraz.shop
*.cpanel.krishokdotcom.net
*.cpcalendars.krishokdotcom.net
*.cpcontacts.krishokdotcom.net
krishokdotcom.net
*.krishokdotcom.net
*.webdisk.krishokdotcom.net
*.webmail.krishokdotcom.net
lucascesar.online
*.lucascesar.online
*.dev.mercadointernacional.com
mercadointernacional.com
*.mercadointernacional.com
*.mvideo.mercadointernacional.com
*.test.mercadointernacional.com
*.ww38.mercadointernacional.com
sensa.bet
*.sensa.bet
taxinaklady.eu
*.taxinaklady.eu
themagiccastle.com
*.themagiccastle.com
top1omg.me
*.top1omg.me
trendsens.store
*.trendsens.store
ugdhair.com
*.ugdhair.com
volkswagen-das-auto2412.sbs
*.volkswagen-das-auto2412.sbs
werc.live
*.werc.live
xmovies8up.com
*.xmovies8up.com
Other domains in certificate