DNS Gurus
Cached · just now
76/100 SECURITY SCORE

Detected Technologies

See all in URL Inspect 1
Let's Encrypt logo Let's Encrypt Active incidents

Certificate Information

Subject
CN=blackwaterbrewery.com
Issuer
C=US, O=Let's Encrypt, CN=YR2
Valid From
May 29, 2026
Valid Until
August 27, 2026 63 days
Public Key
RSA 4096 bit Strong
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
E9:EE:20:A9:65:9D:F3:3B:DF:1C:C4:DE:C8:4F:12:C0:62:11:8D:B5:A9:5A:CB:B8:17:D3:EA:F8:1E:B3:28:52
Alternative Names
90 domains

Security Configuration

TLS Protocols
TLS 1.2 TLS 1.3
Forward Secrecy
Supported (Modern clients use PFS)

HTTP Security Headers

Status
Strict-Transport-Security
Missing
Not configured
Content-Security-Policy
Missing
Not configured Analyze
Content-Security-Policy-Report-Only
Missing
Not configured Analyze
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
  • Add Strict-Transport-Security header with max-age of at least 1 year
  • Add Content-Security-Policy header to prevent XSS attacks
  • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
  • Add X-Content-Type-Options: nosniff
  • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
  • Consider adding Permissions-Policy to control browser features

CAA Records (Certificate Authority Authorization)

CAA Records
Not Configured (Any CA can issue certificates)
CAA Issues
  • No CAA records configured - any CA can issue certificates
Recommendations
  • Implement CAA records to restrict which CAs can issue certificates for your domain
  • This adds an extra layer of security against unauthorized certificate issuance
  • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
  • Consider adding 'iodef' record to receive security incident reports

Subject Alternative Names

90 domains
mids.io *.mids.io

Other domains in certificate

alebilet.it.com *.alebilet.it.com
blackwaterbrewery.com *.blackwaterbrewery.com *.m.blackwaterbrewery.com
bonziplay.it.com *.bonziplay.it.com
*.11924836-8a4c-4648-b3d4-aae148f9cd45.club-dubaispin168.pro club-dubaispin168.pro *.club-dubaispin168.pro
djhak.it.com *.djhak.it.com
*.123.gattine.com gattine.com *.gattine.com *.superset.gattine.com *.visual.gattine.com
gogomanga.co *.gogomanga.co *.www.gogomanga.co
high-yield-savings-accounts.top *.high-yield-savings-accounts.top
huyu021.com *.huyu021.com
icopa2018.org *.icopa2018.org
italy-sweden-train-tour-packages.sbs *.italy-sweden-train-tour-packages.sbs
jersyup.info *.jersyup.info
jgpvip.it.com *.jgpvip.it.com
jkeko.town *.jkeko.town
juegosfrivpoki.com *.juegosfrivpoki.com
lastjournalist.com *.lastjournalist.com
ltlee.com *.ltlee.com
mfortress.com *.mfortress.com
mitty.co *.mitty.co
*.app.onegogle.com onegogle.com *.onegogle.com
*.monitor.paterna.bio paterna.bio *.paterna.bio *.plan-trends.paterna.bio *.preview.paterna.bio *.ww38.paterna.bio
*.adobe.pick-pack.co *.co.pick-pack.co *.cpanel.pick-pack.co *.dmz2.pick-pack.co *.eva.pick-pack.co pick-pack.co *.pick-pack.co *.so.pick-pack.co
pjpoy.my *.pjpoy.my
purses.top *.purses.top
pxltzc.top *.pxltzc.top
rebeccaring.com *.rebeccaring.com
reliabletravelventures.live *.reliabletravelventures.live
royelclothing.com *.royelclothing.com
soothing.it.com *.soothing.it.com
*.betww38.stitchw1.bet stitchw1.bet *.stitchw1.bet
sugarbonz.it.com *.sugarbonz.it.com
swbonz.it.com *.swbonz.it.com
*.kr41.togirl.co togirl.co *.togirl.co
*.sitemaps.wastenot.info wastenot.info *.wastenot.info