Open
Cached
·
just now
76/100
SECURITY SCORE
Detected Technologies
Certificate Information
Subject
CN=fitmedia.xyz
Issuer
C=US, O=Let's Encrypt, CN=R13
Valid From
May 22, 2026
Valid Until
August 20, 2026
77 days
Public Key
RSA
4096 bit
Strong
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
2D:AB:1A:D8:25:EB:79:85:0E:43:82:24:E1:98:E9:42:1B:3D:03:5D:EE:A6:FC:AB:E0:47:07:FA:B7:43:7C:EF
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Add Strict-Transport-Security header with max-age of at least 1 year
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
90 domains
peyae.com
*.peyae.com
*.exloc.peyae.com
85481.com
*.85481.com
becahishimuv.com
*.becahishimuv.com
boostpng.com
*.boostpng.com
*.cdn.boostpng.com
cs-metall-recycling.de
*.cs-metall-recycling.de
*.hostmaster.cs-metall-recycling.de
*.ww38.cs-metall-recycling.de
*.cc.ethkz.vip
*.cn.ethkz.vip
ethkz.vip
*.ethkz.vip
*.api.fect.it
*.demo.fect.it
fect.it
*.fect.it
*.hardwaree.fect.it
*.makeitpe.fect.it
*.notexistsmakeitper.fect.it
*.reigns.fect.it
fitmedia.xyz
*.fitmedia.xyz
groupshop.co
*.groupshop.co
*.ptr9401.groupshop.co
hacc.au
*.hacc.au
*.random.hacc.au
*.dns.herffororlando.com
herffororlando.com
*.herffororlando.com
*.hostmaster.herffororlando.com
*.mx7.herffororlando.com
*.ww25.herffororlando.com
*.api.hopinboard.com
*.cloud.hopinboard.com
*.dev.hopinboard.com
hopinboard.com
*.hopinboard.com
*.members.hopinboard.com
*.new.hopinboard.com
*.rd.hopinboard.com
*.rds.hopinboard.com
*.rdweb.hopinboard.com
*.remote.hopinboard.com
*.test.hopinboard.com
*.vpn.hopinboard.com
mgjw79xl.com
*.mgjw79xl.com
*.ww25.mgjw79xl.com
nahkampfwaffen.de
*.nahkampfwaffen.de
*.random.nahkampfwaffen.de
nebulacollective.com
*.nebulacollective.com
*.random.nebulacollective.com
*.webdisk.nebulacollective.com
*.admin.sec-lossong.xyz
sec-lossong.xyz
*.sec-lossong.xyz
*.www.sec-lossong.xyz
*.admin.spaciouseros.com
*.api.spaciouseros.com
*.app.spaciouseros.com
*.backup.spaciouseros.com
*.members.spaciouseros.com
spaciouseros.com
*.spaciouseros.com
*.staging.spaciouseros.com
*.uat.spaciouseros.com
*.vpn.spaciouseros.com
tiermandala.de
*.tiermandala.de
uce.digital
*.uce.digital
*.ww38.uce.digital
unlandlord.com
*.unlandlord.com
*.ossalopez.vauru.co
vauru.co
*.vauru.co
*.hostmaster.walkingtours.com.au
walkingtours.com.au
*.walkingtours.com.au
Other domains in certificate