DNS Gurus
Cached · just now
76/100 SECURITY SCORE

Detected Technologies

See all in URL Inspect 1
Let's Encrypt logo Let's Encrypt Active incidents

Certificate Information

Subject
CN=sana567.app
Issuer
C=US, O=Let's Encrypt, CN=R13
Valid From
April 24, 2026
Valid Until
July 23, 2026 33 days
Public Key
RSA 4096 bit Strong
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
87:65:C8:0B:27:82:2A:1F:00:20:73:E3:F0:91:38:33:24:1E:F9:9C:AF:68:03:62:9A:16:A9:26:1D:BA:DD:63
Alternative Names
90 domains

Security Configuration

TLS Protocols
TLS 1.2 TLS 1.3
Forward Secrecy
Supported (Modern clients use PFS)

HTTP Security Headers

Status
Strict-Transport-Security
Missing
Not configured
Content-Security-Policy
Missing
Not configured Analyze
Content-Security-Policy-Report-Only
Missing
Not configured Analyze
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
  • Add Strict-Transport-Security header with max-age of at least 1 year
  • Add Content-Security-Policy header to prevent XSS attacks
  • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
  • Add X-Content-Type-Options: nosniff
  • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
  • Consider adding Permissions-Policy to control browser features

CAA Records (Certificate Authority Authorization)

CAA Records
Not Configured (Any CA can issue certificates)
CAA Issues
  • No CAA records configured - any CA can issue certificates
Recommendations
  • Implement CAA records to restrict which CAs can issue certificates for your domain
  • This adds an extra layer of security against unauthorized certificate issuance
  • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
  • Consider adding 'iodef' record to receive security incident reports

Subject Alternative Names

90 domains
idontbuy.it *.idontbuy.it *.admin.idontbuy.it *.app.idontbuy.it *.chart.idontbuy.it *.demo.idontbuy.it *.dev.idontbuy.it *.staging.idontbuy.it *.superset.idontbuy.it

Other domains in certificate

chestnuts.uk *.chestnuts.uk
*.449d7383-cdee-434b-b507-ab0c1dfcd4ab.dna-whitelist.com *.a.dna-whitelist.com *.api.dna-whitelist.com *.app.dna-whitelist.com *.backup.dna-whitelist.com *.cloud.dna-whitelist.com dna-whitelist.com *.dna-whitelist.com *.external.dna-whitelist.com *.intranet.dna-whitelist.com *.landing.dna-whitelist.com *.my.dna-whitelist.com *.online.dna-whitelist.com *.rd.dna-whitelist.com *.rds.dna-whitelist.com *.rdweb.dna-whitelist.com *.remote.dna-whitelist.com *.share.dna-whitelist.com *.sharepoint.dna-whitelist.com *.staging.dna-whitelist.com
*.app.hearstmagazine.com *.digigitalservice.hearstmagazine.com *.digitalservices.hearstmagazine.com *.forum.hearstmagazine.com hearstmagazine.com *.hearstmagazine.com *.store.hearstmagazine.com *.subscribe.hearstmagazine.com *.temp.hearstmagazine.com
*.555a6645-9710-4116-b1e2-7ededda7f73f.naphsweb.com *.7e9f29b0-4030-4d82-8562-9a61a1bbf8f8.naphsweb.com *.a.naphsweb.com *.admin.naphsweb.com *.alumni.naphsweb.com *.api.naphsweb.com *.app.naphsweb.com *.assets.naphsweb.com *.cloud.naphsweb.com *.demo.naphsweb.com *.dev.naphsweb.com *.esus.naphsweb.com *.mailgw.naphsweb.com naphsweb.com *.naphsweb.com *.pro.naphsweb.com *.rd.naphsweb.com *.rds.naphsweb.com *.rdweb.naphsweb.com *.remote.naphsweb.com *.test.naphsweb.com *.uezvjapp.naphsweb.com
richmantowersapt.com *.richmantowersapt.com
*.0b8fa699-5a12-481c-b812-42f5a4e7004c.sana567.app *.1c360658-f97b-4272-b81f-56e6a225612a.sana567.app *.4bc103c2-c146-46ab-8ff0-2c4b8d24d695.sana567.app *.admin.sana567.app *.api.sana567.app *.app.sana567.app *.assets.sana567.app *.beta.sana567.app *.demo.sana567.app *.dev.sana567.app *.mailer.sana567.app *.marketing.sana567.app sana567.app *.sana567.app *.test.sana567.app *.voronezh.sana567.app *.web.sana567.app *.www.sana567.app
*.m.ukievillage.com *.mail1.ukievillage.com *.mailer.ukievillage.com *.uat.ukievillage.com ukievillage.com *.ukievillage.com *.v1.ukievillage.com *.wp.ukievillage.com