DNS Gurus
Cached · just now
76/100 SECURITY SCORE

Detected Technologies

See all in URL Inspect 1
Let's Encrypt logo Let's Encrypt

Certificate Information

Subject
CN=vaal.xyz
Issuer
C=US, O=Let's Encrypt, CN=R12
Valid From
April 24, 2026
Valid Until
July 23, 2026 88 days
Public Key
RSA 4096 bit Strong
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
5E:0C:29:EA:94:3F:E3:F6:AE:F2:F8:B0:58:A0:58:B6:89:15:0C:73:B3:AC:C7:FF:99:7D:59:98:86:05:6B:80
Alternative Names
78 domains

Security Configuration

TLS Protocols
TLS 1.2 TLS 1.3
Forward Secrecy
Supported (Modern clients use PFS)

HTTP Security Headers

Status
Strict-Transport-Security
Missing
Not configured
Content-Security-Policy
Missing
Not configured Analyze
Content-Security-Policy-Report-Only
Missing
Not configured Analyze
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
  • Add Strict-Transport-Security header with max-age of at least 1 year
  • Add Content-Security-Policy header to prevent XSS attacks
  • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
  • Add X-Content-Type-Options: nosniff
  • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
  • Consider adding Permissions-Policy to control browser features

CAA Records (Certificate Authority Authorization)

CAA Records
Not Configured (Any CA can issue certificates)
CAA Issues
  • No CAA records configured - any CA can issue certificates
Recommendations
  • Implement CAA records to restrict which CAs can issue certificates for your domain
  • This adds an extra layer of security against unauthorized certificate issuance
  • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
  • Consider adding 'iodef' record to receive security incident reports

Subject Alternative Names

78 domains
soguero.com *.soguero.com *.access.soguero.com *.anyconnect.soguero.com *.api.soguero.com *.apps.soguero.com *.clientesvpn.soguero.com *.connect.soguero.com *.dev.soguero.com *.drvpn.soguero.com *.gateway.soguero.com *.m.soguero.com *.members.soguero.com *.mobileconnect.soguero.com *.officevpn.soguero.com *.portal.soguero.com *.rdp.soguero.com *.rds.soguero.com *.rdweb.soguero.com *.remote.soguero.com *.remoteaccess.soguero.com *.remoto.soguero.com *.secure.soguero.com *.secureconnect.soguero.com *.securevpn.soguero.com *.sitemap.soguero.com *.sitemaps.soguero.com *.ssl.soguero.com *.sslvpn.soguero.com *.studentsvpn.soguero.com *.test.soguero.com *.vpn.soguero.com *.vpn1.soguero.com *.vpn2.soguero.com *.vpn3.soguero.com *.vpnssl.soguero.com *.webmail.soguero.com *.webvpn.soguero.com *.ww16.soguero.com *.ww17.soguero.com *.ww25.soguero.com *.ww38.soguero.com

Other domains in certificate

*.autodiscover.epkv.com epkv.com *.epkv.com
esclavage-memoires-normandes.fr *.esclavage-memoires-normandes.fr
grassland.com.au *.grassland.com.au
handsofserenitymassage.org *.handsofserenitymassage.org
in-fabula.ru *.in-fabula.ru
lkcpt.me *.lkcpt.me
organizing.au *.organizing.au *.wildcard.organizing.au *.ww38.organizing.au
*.mail.piscinasone.com piscinasone.com *.piscinasone.com *.ww38.piscinasone.com
selfserve.com.au *.selfserve.com.au
*.admin.shirtdesign.org shirtdesign.org *.shirtdesign.org *.ww38.shirtdesign.org
*.m.stagedress.info stagedress.info *.stagedress.info *.www.stagedress.info
*.gov.vaal.xyz *.random.vaal.xyz vaal.xyz *.vaal.xyz *.ww25.vaal.xyz