Open
Cached
·
just now
76/100
SECURITY SCORE
Detected Technologies
Certificate Information
Subject
CN=andreasvoice.org
Issuer
C=US, O=Let's Encrypt, CN=R12
Valid From
April 09, 2026
Valid Until
July 08, 2026
86 days
Public Key
RSA
4096 bit
Strong
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
67:FC:4B:0F:65:8F:7F:7B:4C:4A:BF:75:3E:BA:ED:05:26:1A:38:C8:B4:CD:C3:E3:EE:E5:50:EB:3B:0C:9F:83
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Add Strict-Transport-Security header with max-age of at least 1 year
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
90 domains
beautyhacks.com
*.beautyhacks.com
andreasvoice.org
*.andreasvoice.org
beatsaberquest.com
*.beatsaberquest.com
bestgentic.com
*.bestgentic.com
businessgentic.com
*.businessgentic.com
buyme.me
*.buyme.me
enpmf.care
*.enpmf.care
fqzrb.care
*.fqzrb.care
frankoshow.com
*.frankoshow.com
fs024425.cc
*.fs024425.cc
fs720363.cc
*.fs720363.cc
ggzig.ws
*.ggzig.ws
hlmindbody.com
*.hlmindbody.com
increasedprivacy.com
*.increasedprivacy.com
karaha.com
*.karaha.com
kit-car.com
*.kit-car.com
kjjzx.cn
*.kjjzx.cn
kqypbburgvp.cc
*.kqypbburgvp.cc
laifsolutions.com
*.laifsolutions.com
lohi.in
*.lohi.in
mengguwu.com
*.mengguwu.com
navern.com
*.navern.com
pabovebong.xyz
*.pabovebong.xyz
prayerconnection.org
*.prayerconnection.org
qirkmeozkzu.com
*.qirkmeozkzu.com
r6marketplace.com
*.r6marketplace.com
reportr.io
*.reportr.io
risa-bid.com
*.risa-bid.com
rishamart.com
*.rishamart.com
sanjosepayroll.com
*.sanjosepayroll.com
skye.in
*.skye.in
snappyskills.com
*.snappyskills.com
socialcampaignmagazine.com
*.socialcampaignmagazine.com
socialgentic.com
*.socialgentic.com
solutionsamplifyysolutions.info
*.solutionsamplifyysolutions.info
solutionspathalliance.info
*.solutionspathalliance.info
souday.cn
*.souday.cn
sourcegentic.com
*.sourcegentic.com
starlighttraining.com
*.starlighttraining.com
storiespace.com
*.storiespace.com
unityconnect.org
*.unityconnect.org
whippeddream.com
*.whippeddream.com
wnc99.com
*.wnc99.com
www000164.com
*.www000164.com
www000741.com
*.www000741.com
Other domains in certificate