Open
Cached
·
just now
76/100
SECURITY SCORE
Detected Technologies
Certificate Information
Subject
CN=ajfml.com
Issuer
C=US, O=Let's Encrypt, CN=R12
Valid From
May 26, 2026
Valid Until
August 24, 2026
86 days
Public Key
RSA
4096 bit
Strong
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
D9:E3:83:EF:EE:DB:6F:4F:11:34:D6:20:1B:6D:F5:FC:98:89:99:EC:46:28:18:BE:79:31:A0:31:FD:55:9A:2B
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Add Strict-Transport-Security header with max-age of at least 1 year
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
89 domains
brussels.com.au
*.brussels.com.au
1849.it
*.1849.it
*.mazzucchelli.1849.it
3d-max.store
*.3d-max.store
*.ww38.3d-max.store
ajfml.com
*.ajfml.com
berlinalternativefashionweek.com
*.berlinalternativefashionweek.com
*.ww25.berlinalternativefashionweek.com
bhaweightloss.com
*.bhaweightloss.com
cardiff.com.au
*.cardiff.com.au
*.ww25.cardiff.com.au
celsky.com
*.celsky.com
*.pay.celsky.com
doggys.top
*.doggys.top
*.ww25.doggys.top
forma.social
*.forma.social
giveatipto.me
*.giveatipto.me
*.00dd8d03-1a6f-4744-afc2-9038e1d02a5b.goldenpathpress.net
*.25a2c857-30d8-4c26-b18f-654f8332326a.goldenpathpress.net
*.99707139-0321-4b64-96cc-c734b13c4dc7.goldenpathpress.net
*.admin.goldenpathpress.net
*.api.goldenpathpress.net
*.app.goldenpathpress.net
*.assets.goldenpathpress.net
*.backup.goldenpathpress.net
*.blog.goldenpathpress.net
*.demo.goldenpathpress.net
*.dev.goldenpathpress.net
*.exchangecorp.goldenpathpress.net
goldenpathpress.net
*.goldenpathpress.net
*.hostmaster.goldenpathpress.net
*.mailer.goldenpathpress.net
*.marketing.goldenpathpress.net
*.secure.goldenpathpress.net
*.staging.goldenpathpress.net
*.stats.goldenpathpress.net
*.stg.goldenpathpress.net
*.test.goldenpathpress.net
*.uat.goldenpathpress.net
*.v1.goldenpathpress.net
*.vpn.goldenpathpress.net
*.web.goldenpathpress.net
*.webmail.goldenpathpress.net
*.btg1o.hcsyh.cn
hcsyh.cn
*.hcsyh.cn
*.oxjcfaa3de.hcsyh.cn
*.applemail.hotsmail.com
*.connect.hotsmail.com
*.correu.hotsmail.com
*.cpanel.hotsmail.com
*.exchmail.hotsmail.com
hotsmail.com
*.hotsmail.com
*.msexch2k13.hotsmail.com
*.mywebmail.hotsmail.com
*.smtpa.hotsmail.com
*.sslgateway.hotsmail.com
*.studentsvpn.hotsmail.com
*.terminal.hotsmail.com
*.webmail05.hotsmail.com
*.ydsras.hotsmail.com
illust-chinese-word.de
*.illust-chinese-word.de
keys.properties
*.keys.properties
mobiltraumhaus.de
*.mobiltraumhaus.de
southerncomfortairservices.com
*.southerncomfortairservices.com
stannesnantwich.org.uk
*.stannesnantwich.org.uk
*.hostmaster.wwwfmiweb.com
*.ww25.wwwfmiweb.com
*.ww38.wwwfmiweb.com
wwwfmiweb.com
*.wwwfmiweb.com
Other domains in certificate