Open
Cached
·
just now
76/100
SECURITY SCORE
Detected Technologies
Certificate Information
Subject
CN=cdoctolib.de
Issuer
C=US, O=Let's Encrypt, CN=R12
Valid From
February 04, 2026
Valid Until
May 05, 2026
81 days
Public Key
RSA
4096 bit
Strong
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
B9:19:7B:7E:80:F8:5D:BE:52:DA:A8:C5:ED:B6:B9:49:8F:9D:8F:14:49:1F:BD:EC:3E:8A:7E:44:F9:AD:2E:C9
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Missing
Not configured
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Add Strict-Transport-Security header with max-age of at least 1 year
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
90 domains
carratt.com
*.carratt.com
30107.pizza
*.30107.pizza
*.30-agent.3geuxbw0.click
3geuxbw0.click
*.3geuxbw0.click
678t.vg
*.678t.vg
afrahotel.com
*.afrahotel.com
*.avito.caf-mypcs.my
caf-mypcs.my
*.caf-mypcs.my
*.dhkobmpf.caf-mypcs.my
*.payme-uz.caf-mypcs.my
*.pop3.caf-mypcs.my
*.qbcgkxlu.caf-mypcs.my
*.webmin.caf-mypcs.my
*.www.caf-mypcs.my
cdoctolib.de
*.cdoctolib.de
*.pro.cdoctolib.de
dealerconnect.co
*.dealerconnect.co
*.emv1.dealerconnect.co
*.fmcdealer.dealerconnect.co
*.m.dealerconnect.co
*.random.dealerconnect.co
*.sitemap.dealerconnect.co
*.sitemaps.dealerconnect.co
*.ww25.dealerconnect.co
*.www.dealerconnect.co
*.zeetagency.dealerconnect.co
disquedur.com
*.disquedur.com
erfelijkheid.com
*.erfelijkheid.com
feidas.com
*.feidas.com
fr-im-news.com
*.fr-im-news.com
gaoxing.com
*.gaoxing.com
havemyhouse.com
*.havemyhouse.com
irishcovidcertportal.org
*.irishcovidcertportal.org
kay-li.com
*.kay-li.com
kiaautoparts.com.au
*.kiaautoparts.com.au
makabreska.com
*.makabreska.com
moxing.tips
*.moxing.tips
nafxxtech.xyz
*.nafxxtech.xyz
oasisgardendreams.live
*.oasisgardendreams.live
prensalatinalasvegas.com
*.prensalatinalasvegas.com
redbettytheatre.org
*.redbettytheatre.org
undulater.com
*.undulater.com
unrate.com
*.unrate.com
upwiki.one
*.upwiki.one
uudam.com
*.uudam.com
victortorch.com
*.victortorch.com
vietmua.com
*.vietmua.com
weddedlifeharmony.beauty
*.weddedlifeharmony.beauty
wikibomb.com
*.wikibomb.com
xcdd.org
*.xcdd.org
*.m.xinxindm.net
*.www.xinxindm.net
xinxindm.net
*.xinxindm.net
xqbbhi.bid
*.xqbbhi.bid
xvn43.top
*.xvn43.top
Other domains in certificate