Open
Cached
·
just now
76/100
SECURITY SCORE
Detected Technologies
Certificate Information
Subject
CN=pplenergyplus.com
Issuer
C=US, O=Let's Encrypt, CN=R13
Valid From
May 20, 2026
Valid Until
August 18, 2026
76 days
Public Key
RSA
4096 bit
Strong
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
FC:7B:7B:D2:D4:05:40:6D:20:31:1F:3B:04:D9:C0:FB:5B:D3:53:35:90:88:A2:BB:69:66:E5:1D:04:FB:37:D2
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Add Strict-Transport-Security header with max-age of at least 1 year
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
90 domains
pplenergyplus.com
*.pplenergyplus.com
*.edit.pplenergyplus.com
*.go.pplenergyplus.com
*.ofertas-trabajo.pplenergyplus.com
*.qasc.pplenergyplus.com
*.ww11.pplenergyplus.com
*.ww16.pplenergyplus.com
*.ww2.pplenergyplus.com
*.ww25.pplenergyplus.com
*.ww38.pplenergyplus.com
*.ww43.pplenergyplus.com
*.www.pplenergyplus.com
allinmedia.co
*.allinmedia.co
*.www.allinmedia.co
*.ar.berapt-medii.com
*.bank.berapt-medii.com
berapt-medii.com
*.berapt-medii.com
*.br.berapt-medii.com
*.api.cove-web.com
cove-web.com
*.cove-web.com
happyflow.co
*.happyflow.co
*.sitemap.happyflow.co
*.a.hnkatelier.info
*.admin.hnkatelier.info
*.api.hnkatelier.info
*.app.hnkatelier.info
*.assets.hnkatelier.info
*.blog.hnkatelier.info
*.demo.hnkatelier.info
*.dev.hnkatelier.info
*.dwruurxde47.hnkatelier.info
hnkatelier.info
*.hnkatelier.info
*.rxde47.hnkatelier.info
*.shop.hnkatelier.info
*.test.hnkatelier.info
*.aniqmail.infobuy.it
*.correu.infobuy.it
*.eposta.infobuy.it
*.exch2016.infobuy.it
*.exchangecorp.infobuy.it
*.exchmail.infobuy.it
infobuy.it
*.infobuy.it
*.mail.infobuy.it
*.mail1.infobuy.it
*.msexch2k13.infobuy.it
*.mx.infobuy.it
*.mywebmail.infobuy.it
*.newmail2013.infobuy.it
*.ogrencieposta.infobuy.it
*.remote.infobuy.it
*.smail.infobuy.it
*.smtpa.infobuy.it
*.webmail.infobuy.it
*.webmail2013.infobuy.it
lamborghini.org
*.lamborghini.org
*.m.lamborghini.org
*.office.lamborghini.org
*.webconnect.lamborghini.org
palazos.com
*.palazos.com
*.ww25.palazos.com
*.m.pukul69q.xyz
pukul69q.xyz
*.pukul69q.xyz
*.uvrguoc8wv.pukul69q.xyz
*.admin2.silverblue.it
*.analytics.silverblue.it
*.backend.silverblue.it
*.dev.silverblue.it
*.hostmaster.silverblue.it
silverblue.it
*.silverblue.it
*.cpanel.slutacademy.club
*.cpcalendars.slutacademy.club
slutacademy.club
*.slutacademy.club
*.1.spectre69.xyz
*.inject.spectre69.xyz
*.l1t4.spectre69.xyz
spectre69.xyz
*.spectre69.xyz
*.test.spectre69.xyz
Other domains in certificate