Open
Cached
·
just now
76/100
SECURITY SCORE
Detected Technologies
Certificate Information
Subject
CN=spicasc.net
Issuer
C=US, O=Let's Encrypt, CN=R12
Valid From
May 03, 2026
Valid Until
August 01, 2026
80 days
Public Key
RSA
4096 bit
Strong
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
9B:46:55:C0:12:30:95:F4:A2:62:90:51:8A:CB:EB:61:A7:4C:64:74:6D:3D:A9:46:F5:2F:1A:2B:C0:BF:4B:1D
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Add Strict-Transport-Security header with max-age of at least 1 year
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
89 domains
indefinitee.com
*.indefinitee.com
*.f9a13365-171d-4081-ac84-d32a9a58628a.indefinitee.com
*.legacy.indefinitee.com
*.sandbox.indefinitee.com
avails.xyz
*.avails.xyz
*.d.avails.xyz
*.wildcard.avails.xyz
betplay569.homes
*.betplay569.homes
*.bk.betplay569.homes
*.www.betplay569.homes
*.app.corpdomains.net
corpdomains.net
*.corpdomains.net
*.dan.corpdomains.net
*.hostmaster.corpdomains.net
*.node.corpdomains.net
*.random.corpdomains.net
*.superset3.corpdomains.net
*.visualizations.corpdomains.net
cubicle.life
*.cubicle.life
*.test.cubicle.life
donbonito.com
*.donbonito.com
*.admin.giel.blog
*.api.giel.blog
*.app.giel.blog
*.assets.giel.blog
*.demo.giel.blog
*.dev.giel.blog
giel.blog
*.giel.blog
*.members.giel.blog
*.test.giel.blog
*.apps.groomingdalesbysarah.com
*.bi-alpha.groomingdalesbysarah.com
*.bi.groomingdalesbysarah.com
*.gitlab.groomingdalesbysarah.com
groomingdalesbysarah.com
*.groomingdalesbysarah.com
*.mx.groomingdalesbysarah.com
*.rdp.groomingdalesbysarah.com
*.remote.groomingdalesbysarah.com
*.sitemaps.groomingdalesbysarah.com
*.www.groomingdalesbysarah.com
*.api.hexrat.info
*.app.hexrat.info
*.c1c08e53-07d9-4109-aa34-af16d56098ee.hexrat.info
*.dev.hexrat.info
*.e848d9fd-93f9-43b7-a7bb-96ea52f90b5d.hexrat.info
hexrat.info
*.hexrat.info
*.lek3yx.hexrat.info
*.www.hexrat.info
phffers.com
*.phffers.com
*.promo.phffers.com
*.admin.rushracks.com
*.backend.rushracks.com
*.dev.rushracks.com
rushracks.com
*.rushracks.com
spicasc.net
*.spicasc.net
*.wildcard.spicasc.net
*.m.stressfreemedical.com
stressfreemedical.com
*.stressfreemedical.com
*.vlntawwww.stressfreemedical.com
*.webdisk.stressfreemedical.com
*.auover.t-onlilne.de
*.autodiscover.t-onlilne.de
*.email.t-onlilne.de
*.production.t-onlilne.de
*.sap.t-onlilne.de
t-onlilne.de
*.t-onlilne.de
*.ww1.t-onlilne.de
*.www.t-onlilne.de
*.m.talked.tv
talked.tv
*.talked.tv
*.jelimalskidmenot.upflockdigitalconference.com
*.maxlifedreamitaceit.upflockdigitalconference.com
upflockdigitalconference.com
*.upflockdigitalconference.com
Other domains in certificate