Open
Cached
·
just now
76/100
SECURITY SCORE
Detected Technologies
Certificate Information
Subject
CN=oystr.studio
Issuer
C=US, O=Let's Encrypt, CN=R13
Valid From
May 01, 2026
Valid Until
July 30, 2026
59 days
Public Key
RSA
4096 bit
Strong
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
2A:03:52:B7:CE:D5:22:4D:E4:6F:A9:A5:20:03:78:AD:13:BB:89:A5:66:BC:F3:07:45:29:49:35:B1:51:BF:A9
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Add Strict-Transport-Security header with max-age of at least 1 year
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
90 domains
makeshift.it
*.makeshift.it
*.admin.makeshift.it
*.demo.makeshift.it
*.4yj7f.beta138-slow.xyz
beta138-slow.xyz
*.beta138-slow.xyz
*.kac0t.beta138-slow.xyz
*.autodiscover.dlk.com.pl
*.citrix.dlk.com.pl
*.demo.dlk.com.pl
*.dev.dlk.com.pl
dlk.com.pl
*.dlk.com.pl
*.mail.dlk.com.pl
*.mta-sts.dlk.com.pl
*.old.dlk.com.pl
*.owa.dlk.com.pl
*.shop.dlk.com.pl
*.staging.dlk.com.pl
*.store.dlk.com.pl
*.test.dlk.com.pl
*.webmail.dlk.com.pl
*.www.dlk.com.pl
*.demo.foodnutritionai.com
foodnutritionai.com
*.foodnutritionai.com
galaxyscapes.com
*.galaxyscapes.com
*.m.galaxyscapes.com
*.mx.galaxyscapes.com
*.webdisk.galaxyscapes.com
gmod.it
*.gmod.it
*.hostmaster.gmod.it
*.owa.gmod.it
*.pop.gmod.it
*.rd.gmod.it
*.rdweb.gmod.it
*.remote.gmod.it
*.webmail.gmod.it
*.wwww.gmod.it
melaleucacaravanpark.com.au
*.melaleucacaravanpark.com.au
*.ww11.melaleucacaravanpark.com.au
*.ww16.melaleucacaravanpark.com.au
*.ww25.melaleucacaravanpark.com.au
*.ww38.melaleucacaravanpark.com.au
*.12.off.plus
*.19.off.plus
*.admin.off.plus
*.book.off.plus
*.breathing.off.plus
*.flu.off.plus
*.mail.off.plus
off.plus
*.off.plus
*.v2.off.plus
*.weds.off.plus
*.admin.oreos.us
*.conf.oreos.us
*.development.oreos.us
*.ebdisk.oreos.us
*.ebmail.oreos.us
*.m.oreos.us
*.mail-relay.oreos.us
*.mail.oreos.us
oreos.us
*.oreos.us
*.sitemap.oreos.us
*.v7mdzlcuiy9j5btb.oreos.us
*.webdisk.oreos.us
*.webmail.oreos.us
*.wildcard.oreos.us
*.ww1.oreos.us
*.ww25.oreos.us
*.ww38.oreos.us
oystr.studio
*.oystr.studio
*.ww38.oystr.studio
*.admin.yearend.it
*.dev.yearend.it
*.redash.yearend.it
*.research.yearend.it
*.staging.yearend.it
*.superset.yearend.it
*.supersets.yearend.it
*.webmail.yearend.it
yearend.it
*.yearend.it
Other domains in certificate