Open
Cached
·
just now
76/100
SECURITY SCORE
Detected Technologies
Certificate Information
Subject
CN=breakout.store
Issuer
C=US, O=Let's Encrypt, CN=R13
Valid From
December 29, 2025
Valid Until
March 29, 2026
43 days
Public Key
RSA
4096 bit
Strong
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
EC:30:D4:E0:D1:61:13:F6:42:9B:BA:21:10:C3:9E:89:9A:FD:22:6E:81:F2:EE:B9:B4:36:A6:46:B3:F4:7D:CC
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Missing
Not configured
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Add Strict-Transport-Security header with max-age of at least 1 year
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
89 domains
sitetld.com
*.sitetld.com
*.hostmaster.sitetld.com
*.www.sitetld.com
agebangostra.club
*.agebangostra.club
*.hostmaster.agebangostra.club
*.random.agebangostra.club
*.staging.agebangostra.club
*.ww25.agebangostra.club
*.ww38.agebangostra.club
aiacollege.au
*.aiacollege.au
arogyadham-seva.com
*.arogyadham-seva.com
baabalshams.com
*.baabalshams.com
betterballotcampaign.org
*.betterballotcampaign.org
*.stpaul.betterballotcampaign.org
bitcnnect.com
*.bitcnnect.com
breakout.store
*.breakout.store
*.random.breakout.store
cobaltum-nitricum.de
*.cobaltum-nitricum.de
doral.au
*.doral.au
*.dan.dotbee.com
dotbee.com
*.dotbee.com
*.hostmaster.dotbee.com
*.random.dotbee.com
dsaiowa.com
*.dsaiowa.com
fifteen.com.au
*.fifteen.com.au
*.app.flox.site
flox.site
*.flox.site
*.loteaaoqud.flox.site
*.v3.flox.site
*.vpn.flox.site
*.25.fmhv.net
fmhv.net
*.fmhv.net
*.ww16.fmhv.net
gideondefoe.com
*.gideondefoe.com
glucose-6-phosphat-dehydrogenase-mangel.de
*.glucose-6-phosphat-dehydrogenase-mangel.de
jikenbo.net
*.jikenbo.net
learntoinvest.com.au
*.learntoinvest.com.au
*.dev.mostlyyummymummy.com
*.galeria.mostlyyummymummy.com
mostlyyummymummy.com
*.mostlyyummymummy.com
*.users.mostlyyummymummy.com
okavango-delta.net
*.okavango-delta.net
optimisedconnect.com
*.optimisedconnect.com
otic.au
*.otic.au
roma777.pro
*.roma777.pro
*.whm.roma777.pro
rudyroatanshoreexcursions.com
*.rudyroatanshoreexcursions.com
safaribeachrdc.com
*.safaribeachrdc.com
*.hostmaster.streamcomplet.xyz
*.insights.streamcomplet.xyz
streamcomplet.xyz
*.streamcomplet.xyz
*.superset.streamcomplet.xyz
*.ww16.streamcomplet.xyz
*.www.streamcomplet.xyz
thescourgeproject.com
*.thescourgeproject.com
toolscenter.org
*.toolscenter.org
toshin-sc.com
*.toshin-sc.com
yves-rossy.com
*.yves-rossy.com
Other domains in certificate