Open
Cached
·
just now
76/100
SECURITY SCORE
Detected Technologies
Certificate Information
Subject
CN=pefcwatch.org
Issuer
C=US, O=Let's Encrypt, CN=R13
Valid From
March 04, 2026
Valid Until
June 02, 2026
36 days
Public Key
RSA
4096 bit
Strong
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
C5:23:00:AB:4A:B5:4F:08:73:6B:A3:4D:A3:F3:34:44:8F:B3:A4:DD:E7:7A:6A:DA:69:7B:62:B5:A5:B2:61:10
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Add Strict-Transport-Security header with max-age of at least 1 year
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
84 domains
whatismydnsserver.com
*.whatismydnsserver.com
*.hostmaster.whatismydnsserver.com
*.ns1.whatismydnsserver.com
*.ns2.whatismydnsserver.com
akashs.online
*.akashs.online
atomosenergy.com
*.atomosenergy.com
*.ww38.atomosenergy.com
axadca.com
*.axadca.com
*.random.axadca.com
bcbdil.com
*.bcbdil.com
delhi.com.au
*.delhi.com.au
*.try.delhi.com.au
flyerakarm.de
*.flyerakarm.de
frez.club
*.frez.club
gabedsgn.me
*.gabedsgn.me
himana.com
*.himana.com
insulaiubirii.net
*.insulaiubirii.net
*.rustore.insulaiubirii.net
ku0307pro.online
*.ku0307pro.online
mariettaplumbing.com
*.mariettaplumbing.com
milwaukeetool.uk
*.milwaukeetool.uk
*.uk.milwaukeetool.uk
pefcwatch.org
*.pefcwatch.org
ppbaixu.com
*.ppbaixu.com
redeem-hu.icu
*.redeem-hu.icu
shoplumiworld.com
*.shoplumiworld.com
shopxqd.online
*.shopxqd.online
smileswoodcraft.co.uk
*.smileswoodcraft.co.uk
sociedadcervecera.co
*.sociedadcervecera.co
solarfestmallorca.com
*.solarfestmallorca.com
solofemaletravellikeapro.club
*.solofemaletravellikeapro.club
spevdsac.online
*.spevdsac.online
streamhackers.club
*.streamhackers.club
technicalbipul.online
*.technicalbipul.online
time-chistoti.online
*.time-chistoti.online
*.hostmaster.tipicp.de
tipicp.de
*.tipicp.de
tlgrm.cyou
*.tlgrm.cyou
trendshopy.club
*.trendshopy.club
viperproxy.club
*.viperproxy.club
visitdengi.online
*.visitdengi.online
wearewatching.online
*.wearewatching.online
weecom.de
*.weecom.de
wngwrr.club
*.wngwrr.club
xlsform.online
*.xlsform.online
*.random.xn--glckspfennig-elb.de
xn--glckspfennig-elb.de
*.xn--glckspfennig-elb.de
Other domains in certificate