DNS Gurus
Cached · just now
76/100 SECURITY SCORE

Certificate Information

Subject
CN=thepottingshed.com
Issuer
C=US, O=Let's Encrypt, CN=R13
Valid From
February 10, 2026
Valid Until
May 11, 2026 89 days
Public Key
RSA 4096 bit Strong
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
CB:0F:8E:58:BE:D3:5B:93:B6:36:C7:12:ED:7C:26:E4:45:F6:10:5F:E9:7D:BC:7F:6B:E8:55:1E:05:C7:79:75
Alternative Names
87 domains

Security Configuration

TLS Protocols
TLS 1.2 TLS 1.3
Forward Secrecy
Supported (Modern clients use PFS)

HTTP Security Headers

Status
Strict-Transport-Security
Missing
Not configured
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
  • Add Strict-Transport-Security header with max-age of at least 1 year
  • Add Content-Security-Policy header to prevent XSS attacks
  • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
  • Add X-Content-Type-Options: nosniff
  • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
  • Consider adding Permissions-Policy to control browser features

CAA Records (Certificate Authority Authorization)

CAA Records
Not Configured (Any CA can issue certificates)
CAA Issues
  • No CAA records configured - any CA can issue certificates
Recommendations
  • Implement CAA records to restrict which CAs can issue certificates for your domain
  • This adds an extra layer of security against unauthorized certificate issuance
  • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
  • Consider adding 'iodef' record to receive security incident reports

Subject Alternative Names

87 domains
agent-online.com *.agent-online.com *.ai.agent-online.com *.blog.agent-online.com *.hostmaster.agent-online.com *.mail.agent-online.com *.nextcloud.agent-online.com *.outmail.agent-online.com *.sitemap.agent-online.com *.ww1.agent-online.com *.ww38.agent-online.com

Other domains in certificate

amora-maille.com *.amora-maille.com *.mx.amora-maille.com *.ww25.amora-maille.com
angryguy.tv *.angryguy.tv *.www.angryguy.tv
*.blog.gamemod.io *.dl.gamemod.io *.down.gamemod.io gamemod.io *.gamemod.io *.hostmaster.gamemod.io *.prod.gamemod.io *.tqc.gamemod.io *.viz.gamemod.io *.ww1.gamemod.io *.ww7.gamemod.io *.www.gamemod.io
givemeanotherchance.com *.givemeanotherchance.com *.www.givemeanotherchance.com
leafsivory.com *.leafsivory.com *.webmail.leafsivory.com
*.anyconnect.metisfishmarket.com *.apps.metisfishmarket.com *.autodiscover.metisfishmarket.com *.globalprotect.metisfishmarket.com *.gp.metisfishmarket.com *.intra.metisfishmarket.com *.m.metisfishmarket.com metisfishmarket.com *.metisfishmarket.com *.rd.metisfishmarket.com *.rdg.metisfishmarket.com *.sip.metisfishmarket.com *.sslvpn.metisfishmarket.com *.users.metisfishmarket.com *.webmail.metisfishmarket.com *.webvpn.metisfishmarket.com *.wildcard.metisfishmarket.com *.ww16.metisfishmarket.com
*.admin.passthru.com *.api.passthru.com *.app.passthru.com *.blog.passthru.com *.dev.passthru.com *.ftp.passthru.com *.imap4.passthru.com *.mx.passthru.com passthru.com *.passthru.com *.ppvzxgypwv.passthru.com *.shop.passthru.com *.staging.passthru.com *.ww1.passthru.com *.ww25.passthru.com *.ww38.passthru.com
*.huayra.pietuo.com *.m.pietuo.com *.mail.pietuo.com pietuo.com *.pietuo.com *.sitemaps.pietuo.com *.test.pietuo.com *.ww16.pietuo.com *.ww17.pietuo.com
readingbible.com *.readingbible.com *.ww25.readingbible.com
*.api.thepottingshed.com thepottingshed.com *.thepottingshed.com *.vpn.thepottingshed.com *.ww25.thepottingshed.com