Open
Cached
·
just now
76/100
SECURITY SCORE
Detected Technologies
Certificate Information
Subject
CN=microgreens.life
Issuer
C=US, O=Let's Encrypt, CN=R13
Valid From
January 30, 2026
Valid Until
April 30, 2026
64 days
Public Key
RSA
4096 bit
Strong
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
D8:CD:57:AC:37:32:0D:14:99:71:BD:2D:96:D7:1E:38:4E:6E:F5:49:C3:FC:78:51:08:6A:CC:CF:2B:96:34:6B
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Add Strict-Transport-Security header with max-age of at least 1 year
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
90 domains
seorankingstrategy.com
*.seorankingstrategy.com
*.test.seorankingstrategy.com
facegoogle.com
*.facegoogle.com
*.mx.facegoogle.com
*.ww25.facegoogle.com
microgreens.life
*.microgreens.life
mimi-channel.com
*.mimi-channel.com
minersrestaurant.ca
*.minersrestaurant.ca
modocstrategy.com
*.modocstrategy.com
mp3lyrics.in
*.mp3lyrics.in
mycarnivale.com
*.mycarnivale.com
nadorevents.hu
*.nadorevents.hu
nicecom.com
*.nicecom.com
*.ww01.nicecom.com
phoneguru.com
*.phoneguru.com
piasa-bingo.com
*.piasa-bingo.com
pifl.in
*.pifl.in
poisk-koles.com
*.poisk-koles.com
pronto-pools.com
*.pronto-pools.com
prosperitydao.com
*.prosperitydao.com
prostadine--prostadine.com
*.prostadine--prostadine.com
proxies.ws
*.proxies.ws
psichedelici.com
*.psichedelici.com
pt.fm
*.pt.fm
purelydot.com
*.purelydot.com
purevale.com
*.purevale.com
redforex.com
*.redforex.com
rentacar-srbija.com
*.rentacar-srbija.com
resultadobicho.org
*.resultadobicho.org
reverendjohnnydragon.com
*.reverendjohnnydragon.com
right2ride.net
*.right2ride.net
rosaweiss.cc
*.rosaweiss.cc
spokaneit.com
*.spokaneit.com
sportsretort.com
*.sportsretort.com
tantrawitharnie.zone
*.tantrawitharnie.zone
*.test.tantrawitharnie.zone
theinfluenceroomprimary.com
*.theinfluenceroomprimary.com
thepokerface.com
*.thepokerface.com
truoctran.life
*.truoctran.life
tuchelle.com
*.tuchelle.com
tvjunkie.net
*.tvjunkie.net
txleadershipconsortium.com
*.txleadershipconsortium.com
tyetribbetttour.com
*.tyetribbetttour.com
umk9s5wq3mtd.com
*.umk9s5wq3mtd.com
wb493.com
*.wb493.com
*.test.yenigunmuhendislik.com
yenigunmuhendislik.com
*.yenigunmuhendislik.com
zf66.vip
*.zf66.vip
Other domains in certificate