Open
Cached
·
just now
76/100
SECURITY SCORE
Detected Technologies
Certificate Information
Subject
CN=giveawaytonapp.xyz
Issuer
C=US, O=Let's Encrypt, CN=R12
Valid From
February 17, 2026
Valid Until
May 18, 2026
89 days
Public Key
RSA
4096 bit
Strong
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
00:6B:F0:CC:D6:59:69:17:A3:3D:59:34:3A:8A:DD:07:5F:51:7F:05:B8:B5:21:AA:18:A0:B3:BB:94:35:53:F3
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Add Strict-Transport-Security header with max-age of at least 1 year
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
89 domains
loren.net
*.loren.net
*.admin.loren.net
*.api.loren.net
*.app.loren.net
*.assets.loren.net
*.backup.loren.net
*.blog.loren.net
*.cf.loren.net
*.demo.loren.net
*.dev.loren.net
*.hospital.loren.net
*.lost.loren.net
*.m.loren.net
*.mailin.loren.net
*.members.loren.net
*.ms.loren.net
*.staging.loren.net
*.test.loren.net
*.uat.loren.net
*.ww17.loren.net
1win-gy5.top
*.1win-gy5.top
*.d.1win-gy5.top
*.sitemap.1win-gy5.top
*.sitemaps.1win-gy5.top
*.abdulla-alemadi.accure.com.au
accure.com.au
*.accure.com.au
*.aino.accure.com.au
*.bookfair.accure.com.au
*.californiahotel.accure.com.au
*.carpenterpacific.accure.com.au
*.cbio.accure.com.au
*.comune.accure.com.au
*.mail11.accure.com.au
*.motioncomputing.accure.com.au
*.pinholephotography.accure.com.au
*.smtp3.accure.com.au
*.socential.accure.com.au
*.ww16.accure.com.au
*.ww25.accure.com.au
conduonghuuco.com
*.conduonghuuco.com
*.ww25.conduonghuuco.com
*.api.dreamvacationplanner.live
*.app.dreamvacationplanner.live
dreamvacationplanner.live
*.dreamvacationplanner.live
*.intranet.dreamvacationplanner.live
*.portal.dreamvacationplanner.live
*.shop.dreamvacationplanner.live
*.admin.egpjpmania.vip
*.api.egpjpmania.vip
egpjpmania.vip
*.egpjpmania.vip
*.intranet.egpjpmania.vip
*.shop.egpjpmania.vip
*.admin.giveawaytonapp.xyz
*.api.giveawaytonapp.xyz
*.app.giveawaytonapp.xyz
*.assets.giveawaytonapp.xyz
*.backup.giveawaytonapp.xyz
*.dashboard.giveawaytonapp.xyz
*.demo.giveawaytonapp.xyz
*.dev.giveawaytonapp.xyz
giveawaytonapp.xyz
*.giveawaytonapp.xyz
*.lmexsapi.giveawaytonapp.xyz
*.mail.giveawaytonapp.xyz
*.mailer.giveawaytonapp.xyz
*.qa.giveawaytonapp.xyz
*.rustore.giveawaytonapp.xyz
*.secure.giveawaytonapp.xyz
*.shop.giveawaytonapp.xyz
*.ssalystaging.giveawaytonapp.xyz
*.staging.giveawaytonapp.xyz
*.stg.giveawaytonapp.xyz
*.uat.giveawaytonapp.xyz
*.ushxvadmin.giveawaytonapp.xyz
*.web.giveawaytonapp.xyz
*.api.lesgrands.com
*.backup.lesgrands.com
*.dev.lesgrands.com
lesgrands.com
*.lesgrands.com
*.mail.lesgrands.com
*.test.lesgrands.com
*.ww25.lesgrands.com
Other domains in certificate