Open
Cached
·
just now
76/100
SECURITY SCORE
Detected Technologies
Certificate Information
Subject
CN=sonoramusiccenter.com
Issuer
C=US, O=Let's Encrypt, CN=R12
Valid From
April 15, 2026
Valid Until
July 14, 2026
32 days
Public Key
RSA
4096 bit
Strong
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
4C:25:1A:1C:2B:13:DF:BA:BB:05:4D:38:7F:28:9F:DD:AE:74:51:FC:D9:27:DE:75:7A:CB:88:01:3C:44:10:7E
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Add Strict-Transport-Security header with max-age of at least 1 year
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
89 domains
relatedposts.it
*.relatedposts.it
*.admin.relatedposts.it
*.api.relatedposts.it
*.backend.relatedposts.it
*.hostmaster.relatedposts.it
f2008c.top
*.f2008c.top
*.exchange.flipswap.xyz
flipswap.xyz
*.flipswap.xyz
*.admin.gourmetroast.com
*.analytics.gourmetroast.com
*.backend.gourmetroast.com
*.dev.gourmetroast.com
*.flowise.gourmetroast.com
gourmetroast.com
*.gourmetroast.com
*.intelligence.gourmetroast.com
*.superset.gourmetroast.com
*.visual.gourmetroast.com
*.ww20.gourmetroast.com
*.ww42.gourmetroast.com
*.ai.hackfb.com
*.en.hackfb.com
hackfb.com
*.hackfb.com
*.bnbod.indianmms.xyz
*.cicd.indianmms.xyz
*.com.indianmms.xyz
*.enr3p.indianmms.xyz
*.fdb74.indianmms.xyz
*.g22y8.indianmms.xyz
*.he00g.indianmms.xyz
*.hrka1.indianmms.xyz
indianmms.xyz
*.indianmms.xyz
*.j2zfz.indianmms.xyz
*.kwid9.indianmms.xyz
*.l7nqb.indianmms.xyz
*.ndifg.indianmms.xyz
*.oahlw.indianmms.xyz
*.pipeline.indianmms.xyz
*.ww38.indianmms.xyz
ktszyg.net
*.ktszyg.net
*.alva.nam.life
*.madud.nam.life
*.mail.nam.life
*.mte.nam.life
nam.life
*.nam.life
*.www.nam.life
*.7p6atw.rjfyhgldexgwvoq.cc
*.ikvn.rjfyhgldexgwvoq.cc
*.jbx8.rjfyhgldexgwvoq.cc
rjfyhgldexgwvoq.cc
*.rjfyhgldexgwvoq.cc
solar-panel-installation-0f4s2c4q5j3.sbs
*.solar-panel-installation-0f4s2c4q5j3.sbs
*.mx.sonoramusiccenter.com
sonoramusiccenter.com
*.sonoramusiccenter.com
spinninggrandprize.quest
*.spinninggrandprize.quest
tacoselcreador.com
*.tacoselcreador.com
trademarkinfringementonamazon.com
*.trademarkinfringementonamazon.com
*.ww38.trademarkinfringementonamazon.com
*.backend.travellertips.it
*.demo.travellertips.it
*.dev.travellertips.it
*.forecast.travellertips.it
*.intelligence.travellertips.it
*.report.travellertips.it
*.research.travellertips.it
*.staging.travellertips.it
*.superset.travellertips.it
travellertips.it
*.travellertips.it
truevalueweddings.beauty
*.truevalueweddings.beauty
versurecert.com
*.versurecert.com
warehouse-jobs-789948.sbs
*.warehouse-jobs-789948.sbs
webvibe.co
*.webvibe.co
Other domains in certificate