Open
Cached
·
just now
76/100
SECURITY SCORE
Detected Technologies
Certificate Information
Subject
CN=badak69pragmatic.xyz
Issuer
C=US, O=Let's Encrypt, CN=YR2
Valid From
June 04, 2026
Valid Until
September 02, 2026
68 days
Public Key
RSA
4096 bit
Strong
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
BA:14:36:18:74:FC:A2:B7:DA:26:29:E8:59:C0:24:93:A2:97:6D:1C:34:F1:3A:BC:BF:A1:0C:E7:BB:CE:39:B0
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Add Strict-Transport-Security header with max-age of at least 1 year
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
90 domains
snowflake.it
*.snowflake.it
*.admin.snowflake.it
*.backend.snowflake.it
*.dashboard.snowflake.it
*.hostmaster.snowflake.it
*.internal.snowflake.it
*.learnsql.snowflake.it
*.notexistsadmin.snowflake.it
*.notexistsdemo.snowflake.it
*.report.snowflake.it
*.superset.snowflake.it
b-n.it
*.b-n.it
*.bi.b-n.it
*.chart.b-n.it
*.rd.b-n.it
*.rds.b-n.it
*.remote.b-n.it
badak69pragmatic.xyz
*.badak69pragmatic.xyz
*.svzzq.badak69pragmatic.xyz
*.app.cosessions.net
cosessions.net
*.cosessions.net
*.dashboard.cosessions.net
*.hostmaster.cosessions.net
*.m.cosessions.net
*.mailer.cosessions.net
*.marketing.cosessions.net
*.owa.cosessions.net
*.random.cosessions.net
*.remote.cosessions.net
*.stg.cosessions.net
*.test.cosessions.net
*.v1.cosessions.net
*.vpn.cosessions.net
*.web.cosessions.net
*.ww41.cosessions.net
*.www.cosessions.net
danhen.com
*.danhen.com
*.rds1.danhen.com
*.ww7.danhen.com
ebert-uhren.de
*.ebert-uhren.de
*.cloud.mirball.studio
*.mail.mirball.studio
mirball.studio
*.mirball.studio
*.tracker.mirball.studio
*.ww38.mirball.studio
*.www.mirball.studio
orales.it
*.orales.it
pasporbetspin.xyz
*.pasporbetspin.xyz
*.ww38.pasporbetspin.xyz
*.9b0b7719-e768-48e1-91f6-cf92ad8f84cb.paymeisters.diamonds
*.api.paymeisters.diamonds
*.app.paymeisters.diamonds
*.assets.paymeisters.diamonds
*.blog.paymeisters.diamonds
*.demo.paymeisters.diamonds
*.dev.paymeisters.diamonds
*.fikivshop.paymeisters.diamonds
*.mail.paymeisters.diamonds
paymeisters.diamonds
*.paymeisters.diamonds
*.qvlpuassets.paymeisters.diamonds
*.shop.paymeisters.diamonds
*.staging.paymeisters.diamonds
*.zn4cpd.paymeisters.diamonds
repaircenter.be
*.repaircenter.be
savetheguthrie.org
*.savetheguthrie.org
*.assets.sebuy.homes
*.portal.sebuy.homes
sebuy.homes
*.sebuy.homes
*.shop.sebuy.homes
*.test.sebuy.homes
*.mitrtalk.songsue.co
songsue.co
*.songsue.co
*.asf.vagasasf.com.br
vagasasf.com.br
*.vagasasf.com.br
*.ww25.vagasasf.com.br
Other domains in certificate