Open
Cached
·
just now
76/100
SECURITY SCORE
Detected Technologies
Certificate Information
Subject
CN=15820.ca
Issuer
C=US, O=Let's Encrypt, CN=R13
Valid From
April 07, 2026
Valid Until
July 06, 2026
41 days
Public Key
RSA
4096 bit
Strong
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
F8:32:CA:3F:28:91:25:38:38:B2:CB:F2:CE:1D:DF:8E:26:FA:84:9F:32:4C:C7:C9:0F:62:C3:8C:C6:57:A5:FC
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Add Strict-Transport-Security header with max-age of at least 1 year
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
90 domains
whispers.it
*.whispers.it
*.api.whispers.it
*.data.whispers.it
*.dev.whispers.it
*.hostmaster.whispers.it
*.report.whispers.it
*.staging.whispers.it
*.superset.whispers.it
15820.ca
*.15820.ca
18827.co
*.18827.co
2020censusautomatedclassroomtraining.com
*.2020censusautomatedclassroomtraining.com
*.ww25.2020censusautomatedclassroomtraining.com
*.ww38.2020censusautomatedclassroomtraining.com
*.www.2020censusautomatedclassroomtraining.com
a48655328.top
*.a48655328.top
avventura.it.com
*.avventura.it.com
bda-treptow.de
*.bda-treptow.de
bem46.top
*.bem46.top
cinelabpro.sbs
*.cinelabpro.sbs
daswetter.it
*.daswetter.it
funsign.it.com
*.funsign.it.com
html-metatags.de
*.html-metatags.de
hupol.info
*.hupol.info
hyuza.live
*.hyuza.live
j7ygpe5wbw.top
*.j7ygpe5wbw.top
jav528.app
*.jav528.app
kode4dgaspol.com
*.kode4dgaspol.com
*.www.kode4dgaspol.com
*.eu.lekukoa.com
*.fr.lekukoa.com
lekukoa.com
*.lekukoa.com
*.random.lekukoa.com
leos.live
*.leos.live
nasdaq-ais.it.com
*.nasdaq-ais.it.com
owl.it.com
*.owl.it.com
pdyrmj.futbol
*.pdyrmj.futbol
rnpzn.tube
*.rnpzn.tube
rtgfg.cfd
*.rtgfg.cfd
*.www.rtgfg.cfd
schotten-erfurt.de
*.schotten-erfurt.de
sevrd.reviews
*.sevrd.reviews
sgedo.live
*.sgedo.live
sgyl888.xyz
*.sgyl888.xyz
sosowa.com
*.sosowa.com
*.gadsplus.starsale.com
starsale.com
*.starsale.com
theywerewrong.com
*.theywerewrong.com
traderwinds.com
*.traderwinds.com
valutni.com
*.valutni.com
vg-slot88.it.com
*.vg-slot88.it.com
wqujn.tube
*.wqujn.tube
xbt.it.com
*.xbt.it.com
yerhi.click
*.yerhi.click
Other domains in certificate