DNS Gurus
Cached · just now
76/100 SECURITY SCORE

Certificate Information

Subject
CN=blossomgardengems.com
Issuer
C=US, O=Let's Encrypt, CN=R12
Valid From
February 04, 2026
Valid Until
May 05, 2026 85 days
Public Key
RSA 4096 bit Strong
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
DE:0D:A7:C6:C5:3E:3B:B7:1B:ED:11:44:88:35:AF:78:DA:0F:47:3B:DF:76:E6:22:77:DA:49:03:2A:3D:93:90
Alternative Names
90 domains

Security Configuration

TLS Protocols
TLS 1.2 TLS 1.3
Forward Secrecy
Supported (Modern clients use PFS)

HTTP Security Headers

Status
Strict-Transport-Security
Missing
Not configured
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
  • Add Strict-Transport-Security header with max-age of at least 1 year
  • Add Content-Security-Policy header to prevent XSS attacks
  • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
  • Add X-Content-Type-Options: nosniff
  • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
  • Consider adding Permissions-Policy to control browser features

CAA Records (Certificate Authority Authorization)

CAA Records
Not Configured (Any CA can issue certificates)
CAA Issues
  • No CAA records configured - any CA can issue certificates
Recommendations
  • Implement CAA records to restrict which CAs can issue certificates for your domain
  • This adds an extra layer of security against unauthorized certificate issuance
  • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
  • Consider adding 'iodef' record to receive security incident reports

Subject Alternative Names

90 domains
colmarconstruction.com *.colmarconstruction.com

Other domains in certificate

blossomgardengems.com *.blossomgardengems.com
bluefilmes.com *.bluefilmes.com
booksopendoors.xyz *.booksopendoors.xyz
boundarylessframeworks.com *.boundarylessframeworks.com
brbluerise.com *.brbluerise.com
bugis4d.org *.bugis4d.org
buiseraroniiosdalsmart.cyou *.buiseraroniiosdalsmart.cyou
buttholecoindev.com *.buttholecoindev.com
by46p.top *.by46p.top
by93j.top *.by93j.top
bzrsh.bid *.bzrsh.bid
cabb.it *.cabb.it
cacabank.com *.cacabank.com
cajartrujillo.cfd *.cajartrujillo.cfd
cameraguild.org *.cameraguild.org
capitalsphere.icu *.capitalsphere.icu
car-transport-companies-us-pango.click *.car-transport-companies-us-pango.click
car-warranty-gb-7281.click *.car-warranty-gb-7281.click
cardreviewzone.online *.cardreviewzone.online
caregiver-jobs-au-dp.click *.caregiver-jobs-au-dp.click
cerdersa.xyz *.cerdersa.xyz
cetomu-fizofi.site *.cetomu-fizofi.site
cety09rqprjxf.cc *.cety09rqprjxf.cc
ch57e.top *.ch57e.top
cheating-lawyer-jp06.click *.cheating-lawyer-jp06.click
china3f.com *.china3f.com
choivua88.xyz *.choivua88.xyz
choorlish.com *.choorlish.com
cinemawatcher.com *.cinemawatcher.com
circularnutrition.com *.circularnutrition.com
cnergy.co *.cnergy.co
codegroup.co *.codegroup.co
codero.co *.codero.co
coinmetrics.online *.coinmetrics.online
colonscopia.it *.colonscopia.it
commissioner.it *.commissioner.it
conduco.it *.conduco.it
congregatex.com *.congregatex.com
construction-lawyer-956205962.click *.construction-lawyer-956205962.click
consulenteenergetico.it *.consulenteenergetico.it
contienda.it *.contienda.it
cookbook.plus *.cookbook.plus
coolest-christmas-holidays.com *.coolest-christmas-holidays.com
crazyoud.com *.crazyoud.com