Open
Cached
·
just now
76/100
SECURITY SCORE
Detected Technologies
Certificate Information
Subject
CN=caspermattress.shop
Issuer
C=US, O=Let's Encrypt, CN=R12
Valid From
May 20, 2026
Valid Until
August 18, 2026
59 days
Public Key
RSA
4096 bit
Strong
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
15:3F:67:2B:7A:2B:16:30:0A:47:C5:5A:0C:AC:36:16:42:2D:AA:4F:10:2A:E4:D5:AF:18:F3:42:4E:B5:9E:80
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Add Strict-Transport-Security header with max-age of at least 1 year
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
90 domains
lxc.de
*.lxc.de
*.szm.lxc.de
17j37.vip
*.17j37.vip
*.api.17j37.vip
*.intranet.17j37.vip
*.vip.17j37.vip
*.api.buyfonio.com
buyfonio.com
*.buyfonio.com
*.rpm.buyfonio.com
*.sitemaps.buyfonio.com
*.app.cartucceoriginali.it
*.backend.cartucceoriginali.it
cartucceoriginali.it
*.cartucceoriginali.it
*.console.cartucceoriginali.it
*.dash.cartucceoriginali.it
*.dashboard.cartucceoriginali.it
*.notexistsapi.cartucceoriginali.it
*.superset.cartucceoriginali.it
caspermattress.shop
*.caspermattress.shop
*.rustore.caspermattress.shop
*.ww38.caspermattress.shop
chengren1.shop
*.chengren1.shop
discountregistrar.com
*.discountregistrar.com
*.random.discountregistrar.com
*.ww25.discountregistrar.com
flowersbythedozen.shop
*.flowersbythedozen.shop
*.emv1.geographylessons.us
geographylessons.us
*.geographylessons.us
*.mail.geographylessons.us
*.www.geographylessons.us
gracejewelry.shop
*.gracejewelry.shop
*.apply.inde3ed.com
*.canary.inde3ed.com
*.club.inde3ed.com
*.conv.inde3ed.com
*.e.inde3ed.com
*.extranet.inde3ed.com
*.german.inde3ed.com
inde3ed.com
*.inde3ed.com
*.poczta.inde3ed.com
*.users.inde3ed.com
lyfix.live
*.lyfix.live
m-assembly.shop
*.m-assembly.shop
markplus.shop
*.markplus.shop
nfoidi.com
*.nfoidi.com
*.ww25.nfoidi.com
*.ww38.nfoidi.com
semrueh.com
*.semrueh.com
*.ww25.semrueh.com
sex-test.de
*.sex-test.de
*.telefo.sex-test.de
shgz488.top
*.shgz488.top
survivalrides.com
*.survivalrides.com
*.app.tik.watch
*.demo.tik.watch
*.dev.tik.watch
*.downloaded.tik.watch
*.test.tik.watch
tik.watch
*.tik.watch
*.admin.vacay.cc
*.api.vacay.cc
*.app.vacay.cc
*.assets.vacay.cc
*.demo.vacay.cc
*.dev.vacay.cc
*.m.vacay.cc
*.test.vacay.cc
vacay.cc
*.vacay.cc
*.www.vacay.cc
Other domains in certificate