Open
Cached
·
just now
76/100
SECURITY SCORE
Detected Technologies
Certificate Information
Subject
CN=brasileaks.org
Issuer
C=US, O=Let's Encrypt, CN=R13
Valid From
January 15, 2026
Valid Until
April 15, 2026
59 days
Public Key
RSA
4096 bit
Strong
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
10:02:F6:1B:0D:4F:E3:FB:AD:E0:66:CC:85:E5:C0:D5:77:1E:B7:DF:6E:C1:6F:96:B7:82:DD:E5:AB:22:5A:5A
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Missing
Not configured
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Add Strict-Transport-Security header with max-age of at least 1 year
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
90 domains
poppo.live
*.poppo.live
*.age.poppo.live
*.akong.poppo.live
*.api.poppo.live
*.appogai.poppo.live
*.apps.poppo.live
*.h5.poppo.live
*.mail.poppo.live
*.me.poppo.live
*.on.poppo.live
*.pang.poppo.live
*.pokerling.poppo.live
*.sa.poppo.live
*.to.poppo.live
*.ww12.poppo.live
brasileaks.org
*.brasileaks.org
mcf.com.pl
*.mcf.com.pl
*.88ddgvsfj.doktorowicz.pl
*.blog.doktorowicz.pl
doktorowicz.pl
*.doktorowicz.pl
*.vfwptlsfj.doktorowicz.pl
funslot77.co
*.funslot77.co
*.ww25.funslot77.co
jumia11.cc
*.jumia11.cc
*.ads.kenh12.com
*.bit.kenh12.com
*.blog.kenh12.com
*.int.kenh12.com
kenh12.com
*.kenh12.com
*.lauxanh.kenh12.com
*.random.kenh12.com
*.url.kenh12.com
*.vn.kenh12.com
*.ytb.kenh12.com
*.dev.littlepohem.com
littlepohem.com
*.littlepohem.com
*.wp.littlepohem.com
*.www.littlepohem.com
*.ftp.mkvcinemas.digital
mkvcinemas.digital
*.mkvcinemas.digital
*.ww25.mkvcinemas.digital
*.www.mkvcinemas.digital
numinor.info
*.numinor.info
oyster-akua.com
*.oyster-akua.com
*.ww25.oyster-akua.com
*.ww38.oyster-akua.com
*.blog.publianuncios.com
*.forum.publianuncios.com
publianuncios.com
*.publianuncios.com
*.wildcard.publianuncios.com
*.ww16.publianuncios.com
quickstarshipping.com
*.quickstarshipping.com
rawkingmusic.site
*.rawkingmusic.site
timecapsule.com.au
*.timecapsule.com.au
*.wildcard.timecapsule.com.au
trenchhelpr.com
*.trenchhelpr.com
*.hersye.viralcuy.com
viralcuy.com
*.viralcuy.com
voyeuristic.com
*.voyeuristic.com
*.hostmaster.xache.com
*.sitemap.xache.com
*.sitemaps.xache.com
*.vpn.xache.com
*.wildcard.xache.com
*.ww1.xache.com
*.ww16.xache.com
*.ww17.xache.com
*.ww25.xache.com
*.ww38.xache.com
*.www.xache.com
xache.com
*.xache.com
Other domains in certificate