Open
Cached
·
just now
76/100
SECURITY SCORE
Detected Technologies
Certificate Information
Subject
CN=read.academy
Issuer
C=US, O=Let's Encrypt, CN=R13
Valid From
January 20, 2026
Valid Until
April 20, 2026
65 days
Public Key
RSA
4096 bit
Strong
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
F6:7F:75:4F:BD:E3:B1:63:31:1D:0B:F4:34:F0:54:24:75:E0:42:3F:84:C9:39:28:96:DA:B2:84:DB:F8:B6:AE
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Missing
Not configured
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Add Strict-Transport-Security header with max-age of at least 1 year
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
70 domains
read.academy
*.read.academy
*.hotfix.read.academy
*.insight.read.academy
*.insights.read.academy
*.monitoring.read.academy
*.report.read.academy
*.superset.read.academy
bettingsoccer.net
*.bettingsoccer.net
clinicalbiobank9.org
*.clinicalbiobank9.org
cluppenguin.com
*.cluppenguin.com
*.play.cluppenguin.com
*.ww38.cluppenguin.com
coreridgefinancial.com
*.coreridgefinancial.com
eastorchardmesafire.org
*.eastorchardmesafire.org
*.blog.gardenhood.com.au
*.copycc.gardenhood.com.au
gardenhood.com.au
*.gardenhood.com.au
*.greenme.gardenhood.com.au
*.mail.gardenhood.com.au
*.update-drupal.gardenhood.com.au
*.webmail.gardenhood.com.au
*.ww16.gardenhood.com.au
*.www.gardenhood.com.au
gastorhealth.com
*.gastorhealth.com
hprotectionplan.com
*.hprotectionplan.com
hypertherm.online
*.hypertherm.online
*.post.hypertherm.online
*.thor.hypertherm.online
*.ww25.hypertherm.online
*.ww38.hypertherm.online
jointrestoreknee.com
*.jointrestoreknee.com
kidnapper.com
*.kidnapper.com
*.ww25.kidnapper.com
longhornsurey.com
*.longhornsurey.com
*.5vum77a.tosanltd.com
*.crm2011.tosanltd.com
*.inr-h10.tosanltd.com
*.isd-adfs.tosanltd.com
*.kandoo.tosanltd.com
*.li01.tosanltd.com
tosanltd.com
*.tosanltd.com
*.admin.underwaters.store
*.api.underwaters.store
*.assets.underwaters.store
*.backup.underwaters.store
*.demo.underwaters.store
*.dev.underwaters.store
*.mailer.underwaters.store
*.members.underwaters.store
*.secure.underwaters.store
*.staging.underwaters.store
*.stg.underwaters.store
*.test.underwaters.store
underwaters.store
*.underwaters.store
*.v1.underwaters.store
Other domains in certificate