Open
Cached
·
just now
76/100
SECURITY SCORE
Detected Technologies
Certificate Information
Subject
CN=calstra.life
Issuer
C=US, O=Let's Encrypt, CN=R12
Valid From
May 04, 2026
Valid Until
August 02, 2026
89 days
Public Key
RSA
4096 bit
Strong
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
8C:13:D4:2F:7D:69:92:B2:DA:E1:F4:12:64:10:D6:21:52:A7:53:38:60:9A:ED:A0:D3:74:B1:66:CA:22:D2:05
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Add Strict-Transport-Security header with max-age of at least 1 year
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
90 domains
pythonsanywhere.com
*.pythonsanywhere.com
*.genshin.pythonsanywhere.com
*.airflow.calstra.life
*.alpha.calstra.life
calstra.life
*.calstra.life
*.health.calstra.life
*.metabase.calstra.life
*.pop.calstra.life
*.sitemap.calstra.life
*.ww25.calstra.life
*.9359779.ghhjkl.xyz
*.api.ghhjkl.xyz
*.b157792f-c63b-4e7d-b018-95261a67ce3a.ghhjkl.xyz
*.exxwgmmlmkdev.ghhjkl.xyz
ghhjkl.xyz
*.ghhjkl.xyz
*.kac0t.ghhjkl.xyz
*.mail.ghhjkl.xyz
*.mailer.ghhjkl.xyz
*.marketing.ghhjkl.xyz
*.new.ghhjkl.xyz
*.q2s8t.ghhjkl.xyz
*.secure.ghhjkl.xyz
*.y04uw.ghhjkl.xyz
*.z4r76.ghhjkl.xyz
*.app.nzv8hotlaps.co.nz
*.git.nzv8hotlaps.co.nz
nzv8hotlaps.co.nz
*.nzv8hotlaps.co.nz
*.secure.nzv8hotlaps.co.nz
*.staging.nzv8hotlaps.co.nz
*.stg.nzv8hotlaps.co.nz
*.v1.nzv8hotlaps.co.nz
*.web.nzv8hotlaps.co.nz
*.www.nzv8hotlaps.co.nz
*.1w7xej.oscarspin.games
*.admin.oscarspin.games
*.api.oscarspin.games
*.app.oscarspin.games
*.assets.oscarspin.games
*.demo.oscarspin.games
*.dev.oscarspin.games
oscarspin.games
*.oscarspin.games
*.qqzfh1w7xej.oscarspin.games
*.test.oscarspin.games
*.xofcmadmin.oscarspin.games
*.assets.peluangbisnis.net
*.autoconfig.peluangbisnis.net
*.bbrf1v.peluangbisnis.net
*.c02a8889-8773-472d-822e-d3cc01d4050d.peluangbisnis.net
*.cloud.peluangbisnis.net
*.cpanel.peluangbisnis.net
*.cpcalendars.peluangbisnis.net
*.dev.peluangbisnis.net
*.docs.peluangbisnis.net
*.external.peluangbisnis.net
*.ftp.peluangbisnis.net
*.mta-sts.peluangbisnis.net
*.my.peluangbisnis.net
peluangbisnis.net
*.peluangbisnis.net
*.rd.peluangbisnis.net
*.rds.peluangbisnis.net
*.rdweb.peluangbisnis.net
*.webdisk.peluangbisnis.net
*.webmail.peluangbisnis.net
*.whm.peluangbisnis.net
*.3nxyc.sacryptocurrency.top
*.4kxnn.sacryptocurrency.top
*.5jsd7.sacryptocurrency.top
*.6bnxrw.sacryptocurrency.top
*.fdb74.sacryptocurrency.top
*.hrka1.sacryptocurrency.top
*.j2zfz.sacryptocurrency.top
*.ks0v9.sacryptocurrency.top
*.niw2v.sacryptocurrency.top
*.nktjv.sacryptocurrency.top
*.oahlw.sacryptocurrency.top
*.qakt3.sacryptocurrency.top
sacryptocurrency.top
*.sacryptocurrency.top
*.u46cv.sacryptocurrency.top
*.vhakn.sacryptocurrency.top
*.wslq2.sacryptocurrency.top
*.yhue2.sacryptocurrency.top
*.z4r76.sacryptocurrency.top
*.zruod.sacryptocurrency.top
Other domains in certificate