DNS Gurus
Cached · just now
76/100 SECURITY SCORE

Detected Technologies

See all in URL Inspect 1
Let's Encrypt logo Let's Encrypt

Certificate Information

Subject
CN=inkedmuscle.com
Issuer
C=US, O=Let's Encrypt, CN=R12
Valid From
May 22, 2026
Valid Until
August 20, 2026 70 days
Public Key
RSA 4096 bit Strong
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
FA:B2:F1:5F:1E:6D:F8:D2:F4:FB:6A:E1:8D:75:2F:CF:36:52:25:93:DC:CC:8D:9D:3D:7E:60:0F:DA:D1:8D:F2
Alternative Names
89 domains

Security Configuration

TLS Protocols
TLS 1.2 TLS 1.3
Forward Secrecy
Supported (Modern clients use PFS)

HTTP Security Headers

Status
Strict-Transport-Security
Missing
Not configured
Content-Security-Policy
Missing
Not configured Analyze
Content-Security-Policy-Report-Only
Missing
Not configured Analyze
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
  • Add Strict-Transport-Security header with max-age of at least 1 year
  • Add Content-Security-Policy header to prevent XSS attacks
  • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
  • Add X-Content-Type-Options: nosniff
  • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
  • Consider adding Permissions-Policy to control browser features

CAA Records (Certificate Authority Authorization)

CAA Records
Not Configured (Any CA can issue certificates)
CAA Issues
  • No CAA records configured - any CA can issue certificates
Recommendations
  • Implement CAA records to restrict which CAs can issue certificates for your domain
  • This adds an extra layer of security against unauthorized certificate issuance
  • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
  • Consider adding 'iodef' record to receive security incident reports

Subject Alternative Names

89 domains
haygen.com *.haygen.com *.aap.haygen.com *.analytics.haygen.com *.api.haygen.com *.app.haygen.com *.appo.haygen.com *.appp.haygen.com *.argo.haygen.com *.dashboard.haygen.com *.dashs.haygen.com *.demo.haygen.com *.files2.haygen.com *.hpp.haygen.com *.intelligence.haygen.com *.lab.haygen.com *.labs.haygen.com *.laps.haygen.com *.mail.haygen.com *.metrics.haygen.com *.mx01.haygen.com *.nwfresh.haygen.com *.superset.haygen.com *.webmail.haygen.com *.ww16.haygen.com *.wwe.haygen.com *.www.haygen.com

Other domains in certificate

*.analytics.bannerpubblicitari.it bannerpubblicitari.it *.bannerpubblicitari.it *.bi.bannerpubblicitari.it *.board.bannerpubblicitari.it *.dashs.bannerpubblicitari.it *.email.bannerpubblicitari.it *.eposta.bannerpubblicitari.it *.ex02.bannerpubblicitari.it *.gateway.bannerpubblicitari.it *.mail.bannerpubblicitari.it *.mx.bannerpubblicitari.it *.notexistssql.bannerpubblicitari.it *.ogrencieposta.bannerpubblicitari.it *.outlook.bannerpubblicitari.it *.owa.bannerpubblicitari.it *.pop.bannerpubblicitari.it *.rd.bannerpubblicitari.it *.rdp.bannerpubblicitari.it *.rdweb.bannerpubblicitari.it *.remote.bannerpubblicitari.it *.report.bannerpubblicitari.it *.smail.bannerpubblicitari.it *.superset.bannerpubblicitari.it *.webmail.bannerpubblicitari.it *.webmail05.bannerpubblicitari.it *.www.bannerpubblicitari.it
crackstream.im *.crackstream.im *.wildcard.crackstream.im *.ww38.crackstream.im
*.comune.expectbeauty.com expectbeauty.com *.expectbeauty.com *.mail.expectbeauty.com *.mail5.expectbeauty.com *.mxs.expectbeauty.com *.pay.expectbeauty.com *.random.expectbeauty.com *.wildcard.expectbeauty.com *.ww11.expectbeauty.com *.ww25.expectbeauty.com
fdcivamdrome.org *.fdcivamdrome.org
followmelive.com *.followmelive.com *.random.followmelive.com *.ww25.followmelive.com
*.hostmaster.inkedmuscle.com inkedmuscle.com *.inkedmuscle.com *.random.inkedmuscle.com
theoffering.it *.theoffering.it
theque.it *.theque.it
*.hostmaster.unixapplications.com *.mx.unixapplications.com *.sitemap.unixapplications.com unixapplications.com *.unixapplications.com *.www.unixapplications.com