Open
Cached
·
just now
76/100
SECURITY SCORE
Detected Technologies
Certificate Information
Subject
CN=andomoney.io
Issuer
C=US, O=Let's Encrypt, CN=R12
Valid From
January 07, 2026
Valid Until
April 07, 2026
45 days
Public Key
RSA
4096 bit
Strong
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
6C:69:A7:5A:D6:47:C2:D4:25:17:09:28:F4:60:05:68:A5:67:FE:D2:73:D4:1C:FA:2D:09:55:55:7F:38:0A:47
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Add Strict-Transport-Security header with max-age of at least 1 year
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
90 domains
dotsearch.com
*.dotsearch.com
*.dan.dotsearch.com
*.hostmaster.dotsearch.com
*.random.dotsearch.com
*.ww38.dotsearch.com
407rtr.com
*.407rtr.com
*.api.407rtr.com
*.ww38.407rtr.com
amepm.eu
*.amepm.eu
*.correo.amepm.eu
*.fl44b.amepm.eu
*.gitlab.amepm.eu
*.lran5.amepm.eu
andomoney.io
*.andomoney.io
*.app-dev.andomoney.io
*.owa.andomoney.io
*.ww25.andomoney.io
*.www-om.andomoney.io
*.biz-couser.biz-qr.biz
biz-qr.biz
*.biz-qr.biz
*.certificacion-internacional-scrum.biz-qr.biz
*.certificado.biz-qr.biz
*.consultaplacas.biz-qr.biz
*.consultasunarp.biz-qr.biz
*.controlpago.biz-qr.biz
*.dos.biz-qr.biz
*.escuela.biz-qr.biz
*.facturacionelectronica.biz-qr.biz
*.felizcumpleanos.biz-qr.biz
*.firmadigial.biz-qr.biz
*.inventory.biz-qr.biz
*.landingcursos.biz-qr.biz
*.placas.biz-qr.biz
*.tiendavirtual.biz-qr.biz
*.uno.biz-qr.biz
*.ventas.biz-qr.biz
*.vistas.biz-qr.biz
*.apgtoww25.encode.site
*.app.encode.site
*.apps.encode.site
*.ccland.encode.site
encode.site
*.encode.site
*.hostmaster.encode.site
*.i.encode.site
*.www.encode.site
*.account.mpo777.bet
mpo777.bet
*.mpo777.bet
*.ugw.mpo777.bet
*.adult.onlinemanga.xyz
*.animeru.onlinemanga.xyz
*.fs5omx.onlinemanga.xyz
*.imageproxy.onlinemanga.xyz
*.leer.onlinemanga.xyz
*.onepunchman.onlinemanga.xyz
onlinemanga.xyz
*.onlinemanga.xyz
*.phpmyshinj.onlinemanga.xyz
*.xxx.onlinemanga.xyz
*.adgjm.ptwy.com
*.aeikn.ptwy.com
*.corporatehousingdefinition.ptwy.com
*.dfi.ptwy.com
*.fhk.ptwy.com
*.kmq.ptwy.com
*.liabilityinsurancequotes.ptwy.com
*.lnru.ptwy.com
*.morv.ptwy.com
*.mqvz.ptwy.com
*.psvy.ptwy.com
ptwy.com
*.ptwy.com
*.twzc.ptwy.com
*.txzdg.ptwy.com
*.vybei.ptwy.com
*.vyejn.ptwy.com
*.xcgjr.ptwy.com
*.zcfil.ptwy.com
*.api.rena.group
*.new.rena.group
*.random.rena.group
rena.group
*.rena.group
*.staging.rena.group
Other domains in certificate