Open
Cached
·
just now
76/100
SECURITY SCORE
Detected Technologies
Certificate Information
Subject
CN=katrina.net
Issuer
C=US, O=Let's Encrypt, CN=YR2
Valid From
June 04, 2026
Valid Until
September 02, 2026
71 days
Public Key
RSA
4096 bit
Strong
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
1D:20:86:2E:53:2B:4E:19:78:D3:6B:F9:BE:93:92:B7:0E:C8:D2:07:DA:63:8D:6F:55:D9:89:7B:D2:74:18:47
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Add Strict-Transport-Security header with max-age of at least 1 year
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
90 domains
askblogger.com
*.askblogger.com
*.classifieds.askblogger.com
*.hostmaster.askblogger.com
*.photoshop.askblogger.com
*.www.askblogger.com
boneengineering.com
*.boneengineering.com
buy-used-smart-tv-brazil.sbs
*.buy-used-smart-tv-brazil.sbs
*.prod.buy-used-smart-tv-brazil.sbs
*.app.goldenapples.it
goldenapples.it
*.goldenapples.it
*.hostmaster.goldenapples.it
*.metrics.goldenapples.it
*.superset.goldenapples.it
highlyratedgastroenterologists.site
*.highlyratedgastroenterologists.site
*.www.highlyratedgastroenterologists.site
journalbotpro.com
*.journalbotpro.com
*.qpmm2h.journalbotpro.com
*.admin.katrina.net
*.anyconnect.katrina.net
*.connect.katrina.net
*.database.katrina.net
*.help.katrina.net
*.hosted-by.katrina.net
katrina.net
*.katrina.net
*.rd.katrina.net
*.rds.katrina.net
*.remoto.katrina.net
*.vc.katrina.net
*.vpn.katrina.net
*.vpnssl.katrina.net
multiplecomputationdevices.site
*.multiplecomputationdevices.site
*.ww38.multiplecomputationdevices.site
*.com.nagarpalikadei.org
*.in.nagarpalikadei.org
nagarpalikadei.org
*.nagarpalikadei.org
*.star.nagarpalikadei.org
*.com.pescamundo.com
pescamundo.com
*.pescamundo.com
qynb123.com
*.qynb123.com
*.share.qynb123.com
sbcya.com
*.sbcya.com
*.m.scqh.net
scqh.net
*.scqh.net
*.access.wwfjp.org
*.connect.wwfjp.org
*.correo.wwfjp.org
*.email.wwfjp.org
*.exchange.wwfjp.org
*.mail.wwfjp.org
*.mail3.wwfjp.org
*.mymail.wwfjp.org
*.outlook.wwfjp.org
*.rdp.wwfjp.org
*.store.wwfjp.org
*.test.wwfjp.org
*.webmail.wwfjp.org
*.wp.wwfjp.org
wwfjp.org
*.wwfjp.org
*.backend.xn--nztu2k.com
*.client.xn--nztu2k.com
*.demo.xn--nztu2k.com
*.dev.xn--nztu2k.com
*.development.xn--nztu2k.com
*.git.xn--nztu2k.com
*.hostmaster.xn--nztu2k.com
*.m.xn--nztu2k.com
*.mobile.xn--nztu2k.com
*.preprod-superset.xn--nztu2k.com
*.reporting.xn--nztu2k.com
*.secure.xn--nztu2k.com
*.webtest.xn--nztu2k.com
xn--nztu2k.com
*.xn--nztu2k.com
*.admin.zxiom.trade
zxiom.trade
*.zxiom.trade
Other domains in certificate