Open
Cached
·
just now
76/100
SECURITY SCORE
Detected Technologies
Certificate Information
Subject
CN=dv3166.com
Issuer
C=US, O=Let's Encrypt, CN=R12
Valid From
April 25, 2026
Valid Until
July 24, 2026
50 days
Public Key
RSA
4096 bit
Strong
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
CF:B4:06:7D:43:CA:04:32:F6:41:0F:3A:E6:98:78:BB:D8:E9:FB:E2:F4:5E:3F:FA:58:5E:B4:C0:8E:ED:FB:46
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Add Strict-Transport-Security header with max-age of at least 1 year
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
90 domains
merlin-extension.com
*.merlin-extension.com
*.random.merlin-extension.com
*.ww16.merlin-extension.com
*.ww25.merlin-extension.com
*.ww38.merlin-extension.com
al-mulino.com
*.al-mulino.com
*.forum.al-mulino.com
*.net.al-mulino.com
*.ww38.al-mulino.com
*.www.al-mulino.com
*.cache.cdnfile.info
*.cdna-1.cdnfile.info
*.cdna-2.cdnfile.info
*.cdnd-4.cdnfile.info
*.cdnd-8.cdnfile.info
cdnfile.info
*.cdnfile.info
*.hls10x.cdnfile.info
*.hls21x.cdnfile.info
*.hls24x.cdnfile.info
*.hls26xx.cdnfile.info
*.hls3x.cdnfile.info
*.stlx.cdnfile.info
*.storage-22.cdnfile.info
*.storage-6.cdnfile.info
*.www.cdnfile.info
dv3166.com
*.dv3166.com
*.ww25.dv3166.com
elmanitas.com
*.elmanitas.com
gamestoponline.com
*.gamestoponline.com
*.random.gamestoponline.com
*.dom.generacionpentecostes.com
*.faq.generacionpentecostes.com
generacionpentecostes.com
*.generacionpentecostes.com
*.pl.generacionpentecostes.com
*.projects.generacionpentecostes.com
*.ww38.generacionpentecostes.com
hjdc4.com
*.hjdc4.com
*.random.hjdc4.com
*.ww25.hjdc4.com
loafer.au
*.loafer.au
maidforyou.au
*.maidforyou.au
*.mailserver.maidforyou.au
mallee.com.au
*.mallee.com.au
mitha-sa.com
*.mitha-sa.com
*.ww25.mitha-sa.com
*.assets.movies4me.cc
movies4me.cc
*.movies4me.cc
*.ww12.movies4me.cc
osada.com
*.osada.com
*.api.petir138-idn.com
*.app.petir138-idn.com
*.blog.petir138-idn.com
petir138-idn.com
*.petir138-idn.com
*.portail.petir138-idn.com
*.rd.petir138-idn.com
*.rds.petir138-idn.com
*.rdweb.petir138-idn.com
*.remote.petir138-idn.com
*.werkenbij.petir138-idn.com
*.wp.petir138-idn.com
sightseeingtour.com.au
*.sightseeingtour.com.au
*.cpcontacts.timberframetech.co.uk
*.random.timberframetech.co.uk
timberframetech.co.uk
*.timberframetech.co.uk
*.m.upstarts.in
*.mta-sts.upstarts.in
*.sitemap.upstarts.in
*.sitemaps.upstarts.in
upstarts.in
*.upstarts.in
*.www.upstarts.in
wwwgmfamilyfirst.com
*.wwwgmfamilyfirst.com
Other domains in certificate