Open
Cached
·
just now
92/100
SECURITY SCORE
Certificate Information
Subject
UNKNOWN=HRB 24498, UNKNOWN={:asn1_OPENTYPE, <<19, 2, 68, 69>>}, UNKNOWN={:asn1_OPENTYPE, <<19, 20, 80, 114, 105, 118, 97, 116, 101, 32, 79, 114, 103, 97, 110, 105, 122, 97, 116, 105, 111, 110>>}, C=DE, ST=Rheinland-Pfalz, O=IONOS SE, CN=mein.ionos.de
Issuer
C=GB, O=Sectigo Limited, CN=Sectigo Public Server Authentication CA EV R36
Valid From
November 10, 2025
Valid Until
December 11, 2026
388 days
Public Key
RSA
4096 bit
Strong
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
C7:A4:61:EA:6C:C0:1F:00:38:04:B6:DA:29:0A:2D:99:4A:9E:9C:49:6D:25:4E:4A:9B:4D:9B:A0:88:8C:F8:B5
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
Forward Secrecy
Limited
(Check cipher configuration)
Warnings
- • TLS 1.3 is not supported (recommended)
HTTP Security Headers
Status
Strict-Transport-Security
Good
max-age=31536000 ; includeSubDomains
Content-Security-Policy
Strong
default-src; img-src; font-src; +7 more
default-src 'self' *.ionos.com sentry.ionos.com frontend-services.ionos.com ahab.ionos.com sherlock.us.ac1.server.lan sherlock.ionos.com l4wxddfpxjw0.statuspage.io ias.ionos.com; img-src 'self' data: *.ionos.com *.uicdn.net; font-src 'self' cors.uicdn.net ce1.uicdn.net; script-src 'nonce-+XIZYRncBkf+4fug34IVhXwEjMyVyve5vx4ws2AdOa4=' 'strict-dynamic' 'self' *.ionos.com uir.uimserv.net ce1.uicdn.net var.uicdn.net; style-src 'self' navigation.ionos.com frontend-services.ionos.com ce1.uicdn.net var.uicdn.net 'nonce-+XIZYRncBkf+4fug34IVhXwEjMyVyve5vx4ws2AdOa4='; frame-src data: 'self' *.ionos.com my.website-editor.net; child-src data: 'self' *.ionos.com; base-uri 'self' sherlock.ionos.com; object-src; frame-ancestors data: 'self' *.ionos.com *.mywebsite-now.com https://my.ionos.com
X-Frame-Options
Present
ALLOW-FROM https://my.ionos.com:443/
X-Content-Type-Options
Good
nosniff
Referrer-Policy
Good
strict-origin-when-cross-origin
Permissions-Policy
Missing
Not configured
Recommendations
- • Consider adding 'preload' to HSTS for maximum security
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
52 domains
contact.ionos.com
controlpanel.ionos.com
microshop.ionos.com
my.ionos.com
shop.ionos.com
boutique-client.1and1.fr
tickets.fasthosts.co.uk
my.ionos-hosting.fi
mein.ionos.at
contact.ionos.ca
controlpanel.ionos.ca
microshop.ionos.ca
my.ionos.ca
shop.ionos.ca
contact.ionos.co.uk
controlpanel.ionos.co.uk
microshop.ionos.co.uk
my.ionos.co.uk
shop.ionos.co.uk
contact.ionos.de
controlpanel.ionos.de
kontakt.ionos.de
mein.ionos.de
microshop.ionos.de
my.ionos.de
shop.ionos.de
contact.ionos.es
controlpanel.ionos.es
mi.ionos.es
microshop.ionos.es
my.ionos.es
shop.ionos.es
my.ionos.fi
contact.ionos.fr
controlpanel.ionos.fr
microshop.ionos.fr
my.ionos.fr
shop.ionos.fr
www.my.ionos.fr
my.ionos.ie
contact.ionos.it
controlpanel.ionos.it
microshop.ionos.it
my.ionos.it
shop.ionos.it
contact.ionos.mx
controlpanel.ionos.mx
mi.ionos.mx
microshop.ionos.mx
my.ionos.mx
shop.ionos.mx
my.ionos.uk
Other domains in certificate