Open
Cached
·
just now
80/100
SECURITY SCORE
Certificate Information
Subject
CN=leonie-lukas.com
Issuer
C=US, O=Let's Encrypt, CN=R12
Valid From
December 23, 2025
Valid Until
March 23, 2026
52 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
BA:90:24:2D:54:D6:A4:CA:D7:5B:DA:9F:B6:DA:0F:9F:7A:4C:DD:E2:21:A2:DD:5F:49:92:9B:21:11:B4:EA:6D
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Configured
(Restricts certificate issuance)
Current Issuer
Authorized
(Matches CAA policy)
Authorized CAs
comodoca.com
digicert.com
; cansignhttpexchanges=yes
globalsign.com
letsencrypt.org
pki.goog
; cansignhttpexchanges=yes
sectigo.com
ssl.com
Wildcard CAs
digicert.com
; cansignhttpexchanges=yes
globalsign.com
letsencrypt.org
pki.goog
; cansignhttpexchanges=yes
sectigo.com
ssl.com
comodoca.com
Recommendations
- • Consider using critical flag (flags=128) for stricter CAA enforcement
- • You have authorized 7 CAs - consider limiting to only the CAs you actively use
- • Consider adding 'iodef' records to receive notifications about unauthorized certificate issuance attempts
Subject Alternative Names
100 domains
datastrix.io
app.2go.im
abriuagenda.com.br
www.abriuagenda.com.br
fangdai.ai-geek.cc
allaboutrosie.co.nz
aziyashbapcareers.com
azespazioa.azkunazentroa.eus
bacalaurescu.ro
asjdashboard.bigad.me
www.bitkubmetaverse.com
admin-beta.book4dance.com
cast-receiver.bugaboo.tv
message.ckfr.org
www.exosphere.co.in
www.nextgenagency.com.ng
www.debosz.com.pl
img.yusufmutlu.com.tr
nexasteel.yusufmutlu.com.tr
painel.conexfrete.com.br
www.construgypsum.com
craftcourse.pl
crescentsoftwarelabs.com
cyfrowakrawcowa.pl
delhifebric.in
dutchheaven.com
eatsafecodes.com
orchestrate.saga.einride.tech
backroadsnews.enotice.io
montezumapress.enotice.io
eucasec.cl
firebase.flangoo.com
floracodex.com
folderlymessenger.com
www.foony.com
connect.futuresenseai.com
jump.games235.com
www.ginseng.tech
go-api.grupoadvis.com.br
gycustommfg.com
www.gycustommfg.com
masszazsfotel.idata.hu
admin.izabelajanowska.pl
zuversicht.jomichaelis.de
explorer.jsaguet.fr
shindan.jyoseikin.jp
www.kallautomaticos.com.br
open-fastpath-a.kikagaku.co.jp
hqdeusasdaterra.larissadiaspsi.com.br
learninglanguagesaglc.cm
leonie-lukas.com
www.levinswitches.in
www.linkface.com.br
toyama.linx.live
condo.mark8.co
medi-doc.be
mediaman.app
vergunningen.training.mindyourpass.io
bis24dev.mustpay.tech
pm.mywesp.com
apps.narratory.io
cloudgallery.nicacoder.com
food.oleyn.org
learning-platform.phoenixia.digital
construction.recovr.biz
internalsupport.recovr.biz
manufacturing.recovr.biz
portal.recovr.biz
www.reevaempire.com
xn--mnchen-3ya.robens.tech
connect-ng-carrier-registration.rxoconnectmain.rxo.com
connect-ng-fom.rxoconnectmain.rxo.com
scaaptz.org
www.scaf.ltd
member.seetrum.id
nachweise.seimobil.net
staging.sharkfinesse.com
attendance-accounts.skill-mine.com
portal-attendance-accounts.skill-mine.com
cookie-legal.subxtech.com
www.subxtech.com
talpak.hu
thatjust.works
develop-admin.tipxy-now.com
image.tmpnews.com
madeinlagos.udux.com
vukoocpg.app
tc.wwf.org.uk
xn----2hckhnkqs8esa.xn--5dbnct.xn--4dbrk0ce
xn--80aaxdddmgzl5f6a.xn--p1ai
xn--80aejorzdg.xn--p1ai
www.xn--910by1bm9grt9ak0b.com
www.xn--fahrprfer-v9a.ch
www.xn--h6h.gg
xn--ob0bx0iyztb9lk5b.com
xn--ok1b150b96j.com
www.xn--rssmann-n2a.de
www.xn--zckl5c8c3g.xn--tckwe
yt1s.com.co
app.yunufit.com
Other domains in certificate