Open
Cached
·
just now
76/100
SECURITY SCORE
Certificate Information
Subject
CN=forwardyour.com
Issuer
C=US, O=Let's Encrypt, CN=R12
Valid From
February 09, 2026
Valid Until
May 10, 2026
87 days
Public Key
RSA
4096 bit
Strong
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
B7:54:EA:B2:79:7F:8C:04:3D:FC:63:20:17:62:0D:40:B4:AF:7C:91:90:A9:12:81:2E:89:43:26:1D:6D:91:80
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Missing
Not configured
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Add Strict-Transport-Security header with max-age of at least 1 year
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
89 domains
chalio.com
*.chalio.com
*.admin.chalio.com
*.anyconnect.chalio.com
*.cisco.chalio.com
*.cloud.chalio.com
*.cpanel.chalio.com
*.cpcontacts.chalio.com
*.email.chalio.com
*.gate.chalio.com
*.owa.chalio.com
*.ravpn.chalio.com
*.rdweb.chalio.com
*.relay.chalio.com
*.remote.chalio.com
*.webvpn.chalio.com
*.wiki.chalio.com
*.3129b67136.espn365.com
*.a459.espn365.com
*.a724.espn365.com
*.b178.espn365.com
*.d378.espn365.com
*.d508.espn365.com
*.d702.espn365.com
espn365.com
*.espn365.com
*.f138.espn365.com
*.f257.espn365.com
*.f400.espn365.com
*.new480.espn365.com
*.new968.espn365.com
*.admin.forwardyour.com
*.api.forwardyour.com
*.app.forwardyour.com
*.assets.forwardyour.com
*.but.forwardyour.com
*.dev.forwardyour.com
forwardyour.com
*.forwardyour.com
*.m.forwardyour.com
*.petrol.forwardyour.com
*.plane.forwardyour.com
*.sitemaps.forwardyour.com
*.test.forwardyour.com
*.yet.forwardyour.com
isibo.tv
*.isibo.tv
*.autoconfig.kokki.it
*.hostmaster.kokki.it
kokki.it
*.kokki.it
*.daibao.ok333.sbs
*.eirian.ok333.sbs
*.gui.ok333.sbs
ok333.sbs
*.ok333.sbs
salarysurvey.in
*.salarysurvey.in
*.comwww.streamimovies.com
*.cpanel.streamimovies.com
*.cpcalendars.streamimovies.com
*.dev3.streamimovies.com
*.online.streamimovies.com
streamimovies.com
*.streamimovies.com
*.uat.streamimovies.com
*.venom2-fullmovie.streamimovies.com
*.webmail.streamimovies.com
*.whm.streamimovies.com
*.25fe944f-ff07-4af8-97c1-bb768165e61c.sunsetaudio.tech
*.app.sunsetaudio.tech
*.forms.sunsetaudio.tech
*.hostmaster.sunsetaudio.tech
*.pop.sunsetaudio.tech
sunsetaudio.tech
*.sunsetaudio.tech
*.test.sunsetaudio.tech
*.yuqrbdemo.sunsetaudio.tech
*.93030c81-e4af-488b-85d2-152a163cccdc.xxx.makeup
*.backup.xxx.makeup
*.bgjoum.xxx.makeup
*.campanha.xxx.makeup
*.dev.xxx.makeup
*.hostmaster.xxx.makeup
*.test.xxx.makeup
*.tjai.xxx.makeup
xxx.makeup
*.xxx.makeup
*.xxxx.xxx.makeup
Other domains in certificate