Open
Cached
·
just now
76/100
SECURITY SCORE
Detected Technologies
Certificate Information
Subject
CN=metalandmap.com
Issuer
C=US, O=Let's Encrypt, CN=R13
Valid From
April 22, 2026
Valid Until
July 21, 2026
75 days
Public Key
RSA
4096 bit
Strong
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
85:0A:50:65:E9:A3:06:0D:4C:CA:3E:7B:70:49:CD:A7:56:07:37:5E:AB:CE:6E:8C:D7:6C:61:AC:94:F4:36:4C
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Add Strict-Transport-Security header with max-age of at least 1 year
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
90 domains
lifechapter.art
*.lifechapter.art
degenonchain.com
*.degenonchain.com
dietjoy.site
*.dietjoy.site
docknke.com
*.docknke.com
doituofimatika.com
*.doituofimatika.com
fitvalueventures.run
*.fitvalueventures.run
hcabcneglikhlil.top
*.hcabcneglikhlil.top
lamamma.co.uk
*.lamamma.co.uk
lazydonkeyfilms.com
*.lazydonkeyfilms.com
leonardogt.biz
*.leonardogt.biz
lvisradio.org
*.lvisradio.org
malwareuninstaller.com
*.malwareuninstaller.com
marseille.lol
*.marseille.lol
memphisbeacon.info
*.memphisbeacon.info
mentalcleansing.com
*.mentalcleansing.com
mer-deal-grmn.today
*.mer-deal-grmn.today
metalandmap.com
*.metalandmap.com
mlbtotal.us
*.mlbtotal.us
mobiluteninnskudd-no.sbs
*.mobiluteninnskudd-no.sbs
montpellier.lol
*.montpellier.lol
mrtoolate.com
*.mrtoolate.com
mtjwapis.in
*.mtjwapis.in
mvv1i6.my
*.mvv1i6.my
mycomicpost.com
*.mycomicpost.com
mysticalrose.in
*.mysticalrose.in
nathanssweepstakes.com
*.nathanssweepstakes.com
neurologist.tel
*.neurologist.tel
notarypubliunderwriters.com
*.notarypubliunderwriters.com
offers-pack-packing-foodjob877.sbs
*.offers-pack-packing-foodjob877.sbs
oladavis.com
*.oladavis.com
omnisplendor.ing
*.omnisplendor.ing
onchaincompatible.com
*.onchaincompatible.com
onchainmachine.com
*.onchainmachine.com
onchainplane.com
*.onchainplane.com
pendulimlife.com
*.pendulimlife.com
postnatalspa.com
*.postnatalspa.com
powereternal.com
*.powereternal.com
pupscash.com
*.pupscash.com
qiaojiarenyy.com
*.qiaojiarenyy.com
r925.com
*.r925.com
rankyourday.net
*.rankyourday.net
rankyourday.org
*.rankyourday.org
repbi.com
*.repbi.com
sandzak.art
*.sandzak.art
sarahaugusta.com
*.sarahaugusta.com
Other domains in certificate