Open
Cached
·
just now
91/100
SECURITY SCORE
Detected Technologies
Certificate Information
Subject
CN=andritz.email
Issuer
C=US, O=Let's Encrypt, CN=R12
Valid From
January 30, 2026
Valid Until
April 30, 2026
73 days
Public Key
RSA
4096 bit
Strong
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
27:8E:19:33:5D:BE:6D:37:77:FC:8A:56:00:8F:DB:08:61:00:A3:A8:21:E8:67:C5:1E:94:E7:D7:ED:39:0C:DF
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Excellent
max-age=31536000; includeSubDomains; preload
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Excellent
DENY
X-Content-Type-Options
Good
nosniff
Referrer-Policy
Good
strict-origin
Permissions-Policy
Present
geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
Recommendations
- • Add Content-Security-Policy header to prevent XSS attacks
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
84 domains
sasos.de
*.sasos.de
*.analytics.sasos.de
*.shop.sasos.de
*.staging.sasos.de
*.store.sasos.de
andritz.email
*.andritz.email
chiadvocate.org
*.chiadvocate.org
digimonk.media
*.digimonk.media
favorites-toolbar.com
*.favorites-toolbar.com
hairypussynudewomen.xyz
*.hairypussynudewomen.xyz
*.www.hairypussynudewomen.xyz
*.en.hostelleriesaintclement.com
hostelleriesaintclement.com
*.hostelleriesaintclement.com
info-log1.com
*.info-log1.com
*.pendaftaran-mr-diy.info-log1.com
*.video-virall.info-log1.com
jdav69.me
*.jdav69.me
kumamoto-kenmin-shinbun.com
*.kumamoto-kenmin-shinbun.com
*.sso.kumamoto-kenmin-shinbun.com
*.ww38.kumamoto-kenmin-shinbun.com
*.cpcontacts.maratontemuco.com
maratontemuco.com
*.maratontemuco.com
*.random.maratontemuco.com
*.webdisk.maratontemuco.com
*.webmail.maratontemuco.com
*.wildcard.maratontemuco.com
*.ww25.maratontemuco.com
*.338672614.muzeika.com
muzeika.com
*.muzeika.com
plaitsafe.org
*.plaitsafe.org
polebanner.info
*.polebanner.info
*.autoconfig.prediksiku.biz
*.ftp.prediksiku.biz
prediksiku.biz
*.prediksiku.biz
*.adm.republicasocial.network
*.app.republicasocial.network
*.dev.republicasocial.network
*.erp.republicasocial.network
*.hosting.republicasocial.network
*.m.republicasocial.network
*.my.republicasocial.network
*.new.republicasocial.network
*.panel.republicasocial.network
republicasocial.network
*.republicasocial.network
*.shop.republicasocial.network
selectum.io
*.selectum.io
*.ww25.selectum.io
*.ww38.selectum.io
spicy.solutions
*.spicy.solutions
sqlops.io
*.sqlops.io
telecomsatasettlement.com
*.telecomsatasettlement.com
trovalavoro.news
*.trovalavoro.news
*.backend.tss911.org
*.hostname.tss911.org
*.member.tss911.org
*.net.tss911.org
tss911.org
*.tss911.org
*.tss911.tss911.org
*.tss919.tss911.org
*.winner911.tss911.org
wfewegtfv5.xyz
*.wfewegtfv5.xyz
Other domains in certificate