Open
Cached
·
just now
76/100
SECURITY SCORE
Detected Technologies
Certificate Information
Subject
CN=shangpa.com
Issuer
C=US, O=Let's Encrypt, CN=R12
Valid From
February 19, 2026
Valid Until
May 20, 2026
89 days
Public Key
RSA
4096 bit
Strong
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
5F:1C:B7:0C:4B:D0:A7:A7:C5:24:86:C6:6C:84:C8:E3:B9:77:3B:1A:99:83:BF:C6:CC:60:B5:85:8B:31:A6:C2
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Add Strict-Transport-Security header with max-age of at least 1 year
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
90 domains
breadmachine.com.au
*.breadmachine.com.au
*.5.612464.xyz
612464.xyz
*.612464.xyz
*.edit.612464.xyz
*.exchanges.612464.xyz
*.shipin.612464.xyz
*.signin.612464.xyz
*.voucher.612464.xyz
*.xz.612464.xyz
donnersonavis.co
*.donnersonavis.co
*.ww25.donnersonavis.co
godotshader.com
*.godotshader.com
*.ww12.godotshader.com
*.hostmaster.jabjobs.com
jabjobs.com
*.jabjobs.com
*.m.jabjobs.com
*.mail.jabjobs.com
ji-bc.pw
*.ji-bc.pw
*.m.ji-bc.pw
*.ww1.ji-bc.pw
*.56ec9e16-88ff-4e2d-876f-cd7a9df0bd71.katsubet.vip
*.admin.katsubet.vip
*.adqerassets.katsubet.vip
*.app.katsubet.vip
*.assets.katsubet.vip
*.autoconfig.katsubet.vip
*.autodiscover.katsubet.vip
*.backup.katsubet.vip
*.blog.katsubet.vip
*.buuupwebmail.katsubet.vip
*.cpanel.katsubet.vip
*.cpcalendars.katsubet.vip
*.cpcontacts.katsubet.vip
*.dashboard.katsubet.vip
*.demo.katsubet.vip
*.dev.katsubet.vip
*.dlanxqey.katsubet.vip
*.ftp.katsubet.vip
*.go.katsubet.vip
katsubet.vip
*.katsubet.vip
*.m.katsubet.vip
*.mail.katsubet.vip
*.mailer.katsubet.vip
*.marketing.katsubet.vip
*.public.katsubet.vip
*.qa.katsubet.vip
*.qmuditkjhjgo.katsubet.vip
*.remote.katsubet.vip
*.search.katsubet.vip
*.secure.katsubet.vip
*.staging.katsubet.vip
*.stg.katsubet.vip
*.test.katsubet.vip
*.uzfaacpcontacts.katsubet.vip
*.v1.katsubet.vip
*.v2.katsubet.vip
*.vip.katsubet.vip
*.web.katsubet.vip
*.webmail.katsubet.vip
*.whm.katsubet.vip
*.wp.katsubet.vip
*.www.katsubet.vip
knoxlib.com
*.knoxlib.com
*.random.knoxlib.com
*.activaye.nbcbews.com
nbcbews.com
*.nbcbews.com
*.en.shangpa.com
shangpa.com
*.shangpa.com
*.ww1.shangpa.com
spirithallowee.com
*.spirithallowee.com
*.control.stayfocus.com
stayfocus.com
*.stayfocus.com
*.ww16.stayfocus.com
*.ww38.stayfocus.com
stlswapmeet.com
*.stlswapmeet.com
transefrmarkt.de
*.transefrmarkt.de
Other domains in certificate