Open
Cached
·
just now
76/100
SECURITY SCORE
Detected Technologies
Certificate Information
Subject
CN=zagavet.org
Issuer
C=US, O=Let's Encrypt, CN=R12
Valid From
February 19, 2026
Valid Until
May 20, 2026
89 days
Public Key
RSA
4096 bit
Strong
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
45:4B:3B:C2:23:55:F6:F2:F7:6C:D9:8F:46:A8:2A:CA:14:F8:7E:B4:02:D9:EA:92:C3:95:6B:D5:59:BF:7D:4A
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Add Strict-Transport-Security header with max-age of at least 1 year
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
90 domains
getclaimify.io
*.getclaimify.io
0dcloudx.xyz
*.0dcloudx.xyz
*.ww25.0dcloudx.xyz
*.ww38.0dcloudx.xyz
290ss.com
*.290ss.com
*.random.290ss.com
bnovasol.de
*.bnovasol.de
*.store.bnovasol.de
denimjeans.com.au
*.denimjeans.com.au
*.random.denimjeans.com.au
electromobilnost.online
*.electromobilnost.online
*.ww16.electromobilnost.online
findfriend.com
*.findfriend.com
*.random.findfriend.com
fiznet.site
*.fiznet.site
*.blog.fundsmanagement.com
fundsmanagement.com
*.fundsmanagement.com
*.ibtc.fundsmanagement.com
*.stanbicibtc.fundsmanagement.com
*.ebmail.funnelsmedia.site
funnelsmedia.site
*.funnelsmedia.site
*.sub.funnelsmedia.site
hubenergy.co.uk
*.hubenergy.co.uk
*.testing.hubenergy.co.uk
intertribalbison.org
*.intertribalbison.org
*.www.intertribalbison.org
iqone.me
*.iqone.me
mariah.bio
*.mariah.bio
*.admin.minecraftapkgeek.voto
*.api.minecraftapkgeek.voto
*.app.minecraftapkgeek.voto
*.assets.minecraftapkgeek.voto
*.autodiscover.minecraftapkgeek.voto
*.backup.minecraftapkgeek.voto
*.demo.minecraftapkgeek.voto
*.dev.minecraftapkgeek.voto
*.f6b8eaf6-7335-49c7-b7e1-f24f75dda4d1.minecraftapkgeek.voto
*.laqkoassets.minecraftapkgeek.voto
*.mail.minecraftapkgeek.voto
minecraftapkgeek.voto
*.minecraftapkgeek.voto
*.shop.minecraftapkgeek.voto
*.staging.minecraftapkgeek.voto
*.test.minecraftapkgeek.voto
*.whm.minecraftapkgeek.voto
*.wkpjktest.minecraftapkgeek.voto
*.www.minecraftapkgeek.voto
*.zkpcdapp.minecraftapkgeek.voto
mobilometry.com
*.mobilometry.com
*.mail.mrb-lewisandclarkcenter.org
mrb-lewisandclarkcenter.org
*.mrb-lewisandclarkcenter.org
*.random.mrb-lewisandclarkcenter.org
proyectonisal.org
*.proyectonisal.org
*.ww38.proyectonisal.org
sabong81.bet
*.sabong81.bet
sajjad.live
*.sajjad.live
scut2ka.cc
*.scut2ka.cc
*.ww25.scut2ka.cc
*.demo.sellyourhome.uk
sellyourhome.uk
*.sellyourhome.uk
stir.live
*.stir.live
thecarbeileinn.co.uk
*.thecarbeileinn.co.uk
*.pay.velor.us
velor.us
*.velor.us
zagavet.org
*.zagavet.org
Other domains in certificate