Open
Cached
·
just now
76/100
SECURITY SCORE
Detected Technologies
Certificate Information
Subject
CN=fashionmolds.com
Issuer
C=US, O=Let's Encrypt, CN=R13
Valid From
May 25, 2026
Valid Until
August 23, 2026
76 days
Public Key
RSA
4096 bit
Strong
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
BF:0D:AA:1B:42:BB:10:FB:A7:8F:4E:D1:9A:66:18:C3:24:24:AD:38:8F:C4:64:1C:7B:A3:B4:40:B2:D4:3A:C7
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Add Strict-Transport-Security header with max-age of at least 1 year
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
90 domains
myrgccsid.org
*.myrgccsid.org
*.api.myrgccsid.org
*.testing.myrgccsid.org
*.ww1.myrgccsid.org
fashionmolds.com
*.fashionmolds.com
financialhousekeeper.com
*.financialhousekeeper.com
*.api.firstglasstasting.com
*.dev.firstglasstasting.com
firstglasstasting.com
*.firstglasstasting.com
*.gateway.firstglasstasting.com
*.gp.firstglasstasting.com
*.members.firstglasstasting.com
*.ra.firstglasstasting.com
*.remoteapp.firstglasstasting.com
*.test.firstglasstasting.com
*.webvpn.firstglasstasting.com
flare-network.com
*.flare-network.com
kitchenperfect.store
*.kitchenperfect.store
*.com.lowcostcbd.com
lowcostcbd.com
*.lowcostcbd.com
*.org.lowcostcbd.com
*.pro.lowcostcbd.com
*.sitemaps.lowcostcbd.com
*.top.lowcostcbd.com
*.2c96f4aa-1f15-44f5-bfa7-2af1f3cf443a.m-casibom868.com
*.api.m-casibom868.com
*.app.m-casibom868.com
*.backup.m-casibom868.com
*.com7-926b-a78e4e1035c6.m-casibom868.com
*.dd017db1-60af-4448-b40f-61cb2958115e.m-casibom868.com
*.dev.m-casibom868.com
*.ehxkov2.m-casibom868.com
m-casibom868.com
*.m-casibom868.com
*.mail.m-casibom868.com
*.mailer.m-casibom868.com
*.qa.m-casibom868.com
*.secure.m-casibom868.com
*.uat.m-casibom868.com
*.v2.m-casibom868.com
*.dashboard.nb1111.com
*.funnycgw3.nb1111.com
*.interestingcgw1.nb1111.com
nb1111.com
*.nb1111.com
*.4caf8f61-c71b-47ad-bc6c-38f88a4fb084.popboxfactory.info
*.a.popboxfactory.info
*.amcdihwcqhxqqntadmin.popboxfactory.info
*.backup.popboxfactory.info
*.cbjr63.popboxfactory.info
*.hwcqhxqqntadmin.popboxfactory.info
*.members.popboxfactory.info
popboxfactory.info
*.popboxfactory.info
*.staging.popboxfactory.info
*.uat.popboxfactory.info
*.www.popboxfactory.info
*.8a2e9910-df88-487a-9ad1-25888488e072.shag2ya.space
*.aging.shag2ya.space
*.api.shag2ya.space
*.app.shag2ya.space
*.backup.shag2ya.space
*.dev.shag2ya.space
*.fcb678c2-37c4-42e2-94a4-5e5431d482f5.shag2ya.space
*.kofalstaging.shag2ya.space
shag2ya.space
*.shag2ya.space
*.staging.shag2ya.space
*.uat.shag2ya.space
*.vbrdga.shag2ya.space
*.app.weatherometer.com
*.blog.weatherometer.com
*.dev.weatherometer.com
*.hostmaster.weatherometer.com
*.sitemaps.weatherometer.com
weatherometer.com
*.weatherometer.com
*.ww1.weatherometer.com
*.ww16.weatherometer.com
*.ww17.weatherometer.com
*.ww25.weatherometer.com
*.ww38.weatherometer.com
*.www.weatherometer.com
Other domains in certificate