DNS Gurus
Cached · just now
76/100 SECURITY SCORE

Certificate Information

Subject
CN=firstmakrservices.com
Issuer
C=US, O=Let's Encrypt, CN=R13
Valid From
November 08, 2025
Valid Until
February 06, 2026 42 days
Public Key
RSA 4096 bit Strong
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
AF:87:C4:D1:8B:2C:17:15:16:1A:1B:E1:A5:77:29:39:04:4F:C5:CB:A0:0C:2B:91:41:53:E1:2E:18:35:35:1A
Alternative Names
90 domains

Security Configuration

TLS Protocols
TLS 1.2 TLS 1.3
Forward Secrecy
Supported (Modern clients use PFS)

HTTP Security Headers

Status
Strict-Transport-Security
Missing
Not configured
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
  • Add Strict-Transport-Security header with max-age of at least 1 year
  • Add Content-Security-Policy header to prevent XSS attacks
  • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
  • Add X-Content-Type-Options: nosniff
  • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
  • Consider adding Permissions-Policy to control browser features

CAA Records (Certificate Authority Authorization)

CAA Records
Not Configured (Any CA can issue certificates)
CAA Issues
  • No CAA records configured - any CA can issue certificates
Recommendations
  • Implement CAA records to restrict which CAs can issue certificates for your domain
  • This adds an extra layer of security against unauthorized certificate issuance
  • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
  • Consider adding 'iodef' record to receive security incident reports

Subject Alternative Names

90 domains
managedns1.com *.managedns1.com

Other domains in certificate

91dizhi.link *.91dizhi.link *.random.91dizhi.link
belvoirletting.com *.belvoirletting.com
*.alpha.biglink.shop biglink.shop *.biglink.shop *.ftp.biglink.shop *.mail.biglink.shop *.notexistsftp.biglink.shop *.notexistssmtp.biglink.shop *.pop.biglink.shop *.www.biglink.shop
biofitofficial.us *.biofitofficial.us
cashwinlive.site *.cashwinlive.site
conexaopravoce.online *.conexaopravoce.online
deboeuf-motoculture.com *.deboeuf-motoculture.com
divinehealing.site *.divinehealing.site
efilenow.me *.efilenow.me
ethercat.io *.ethercat.io
firstmakrservices.com *.firstmakrservices.com
*.data.giveout.cloud *.free-data.giveout.cloud giveout.cloud *.giveout.cloud *.mq.giveout.cloud *.qz.giveout.cloud
*.admin.hippoflsa.online *.app.hippoflsa.online hippoflsa.online *.hippoflsa.online *.staging.hippoflsa.online *.ww38.hippoflsa.online
how-to.studio *.how-to.studio
jacobss.store *.jacobss.store
likeav40.cc *.likeav40.cc
midiaflix.top *.midiaflix.top
pbisreward.com *.pbisreward.com *.studen.pbisreward.com *.student.pbisreward.com
pertrak.com *.pertrak.com
qresto.online *.qresto.online
real-art.online *.real-art.online
returning.au *.returning.au
*.random.skincareproducts.com.au skincareproducts.com.au *.skincareproducts.com.au
sw-app.sbs *.sw-app.sbs
switchhealthinsurance.com.au *.switchhealthinsurance.com.au
*.perm.tatelier.com tatelier.com *.tatelier.com *.ww25.tatelier.com
*.bizify.technosoft.space *.pos.technosoft.space technosoft.space *.technosoft.space
*.comune.tripadvi.com tripadvi.com *.tripadvi.com
ucn.au *.ucn.au
watchwrestling.icu *.watchwrestling.icu
wir56.site *.wir56.site
wishkolang.com *.wishkolang.com