Open
Cached
·
just now
76/100
SECURITY SCORE
Detected Technologies
Certificate Information
Subject
CN=blockhaus-warndt.de
Issuer
C=US, O=Let's Encrypt, CN=R12
Valid From
April 21, 2026
Valid Until
July 20, 2026
50 days
Public Key
RSA
4096 bit
Strong
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
68:55:8A:79:FE:6B:49:8B:C9:4E:4E:96:26:40:98:C7:DB:0A:8A:C9:1D:84:02:A1:95:1C:B2:A8:5B:E3:2F:80
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Add Strict-Transport-Security header with max-age of at least 1 year
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
89 domains
digitalminingvip.com
*.digitalminingvip.com
*.digitaladmin.digitalminingvip.com
*.register.digitalminingvip.com
abmaobuy.sbs
*.abmaobuy.sbs
archzine.studio
*.archzine.studio
*.bg.archzine.studio
*.eu.archzine.studio
*.www.archzine.studio
blockhaus-warndt.de
*.blockhaus-warndt.de
braveheartful.com
*.braveheartful.com
brightspringsbenifits.com
*.brightspringsbenifits.com
candys.com.au
*.candys.com.au
*.ww16.candys.com.au
*.ww17.candys.com.au
casstark.com
*.casstark.com
cheyennerivernails.com
*.cheyennerivernails.com
*.autodiscover.detective-agency.site
*.dashboard.detective-agency.site
detective-agency.site
*.detective-agency.site
*.emv1.detective-agency.site
*.flows.detective-agency.site
*.ftp.detective-agency.site
*.mail.detective-agency.site
*.smtp.detective-agency.site
*.ww25.detective-agency.site
*.demo.doooods.site
doooods.site
*.doooods.site
*.random.doooods.site
*.ww25.doooods.site
elayers.shop
*.elayers.shop
escortgirls.au
*.escortgirls.au
findnokria.com
*.findnokria.com
*.my.findnokria.com
gaytravel.au
*.gaytravel.au
ismartfile.me
*.ismartfile.me
marketplaceplus.shop
*.marketplaceplus.shop
masajesveronica.com
*.masajesveronica.com
motorcyclestore.au
*.motorcyclestore.au
*.bcbsri.nationsbbenefits.com
nationsbbenefits.com
*.nationsbbenefits.com
onka.com.au
*.onka.com.au
ottawaflights.com.au
*.ottawaflights.com.au
play1ad.shop
*.play1ad.shop
rouryr.shop
*.rouryr.shop
*.m.sharonspetservices.co.uk
*.mail.sharonspetservices.co.uk
*.pop.sharonspetservices.co.uk
sharonspetservices.co.uk
*.sharonspetservices.co.uk
skytouchoverseas.com
*.skytouchoverseas.com
*.api.tccbc.com
*.sc.tccbc.com
tccbc.com
*.tccbc.com
*.ww1.tccbc.com
*.ww11.tccbc.com
*.ww16.tccbc.com
teulon.com
*.teulon.com
walmat.co
*.walmat.co
*.ld.xhlld24050.cyou
xhlld24050.cyou
*.xhlld24050.cyou
Other domains in certificate