Open
Cached
·
just now
76/100
SECURITY SCORE
Certificate Information
Subject
CN=janmanch.com
Issuer
C=US, O=Let's Encrypt, CN=R13
Valid From
February 04, 2026
Valid Until
May 05, 2026
86 days
Public Key
RSA
4096 bit
Strong
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
9E:5A:53:B5:F2:BB:3C:E6:B1:6A:F4:7F:31:6B:11:BC:C2:FB:35:EE:2A:0E:BF:DB:0F:81:B4:A9:AA:0B:EA:83
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Missing
Not configured
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Add Strict-Transport-Security header with max-age of at least 1 year
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
89 domains
robertoortiz.com
*.robertoortiz.com
3xtron.xyz
*.3xtron.xyz
*.ww25.3xtron.xyz
*.ww38.3xtron.xyz
adventurebox.space
*.adventurebox.space
*.ww16.adventurebox.space
*.ww38.adventurebox.space
afrachannel.online
*.afrachannel.online
*.bi.afrachannel.online
*.ww38.afrachannel.online
americanstoys.com
*.americanstoys.com
*.demo.americanstoys.com
amgsignal.com
*.amgsignal.com
*.cloud.amgsignal.com
*.demo.amgsignal.com
amthropologie.com
*.amthropologie.com
*.m.amthropologie.com
*.admin.blitzdraft25.com
blitzdraft25.com
*.blitzdraft25.com
buildingconstruction.com.au
*.buildingconstruction.com.au
*.random.buildingconstruction.com.au
*.ww38.buildingconstruction.com.au
*.beta.exhibitionismus.com
exhibitionismus.com
*.exhibitionismus.com
*.sitemaps.exhibitionismus.com
imperadorrodizio.com
*.imperadorrodizio.com
*.www.imperadorrodizio.com
*.94de87c9-96f7-4cd3-a8c2-c49439d45698.janmanch.com
janmanch.com
*.janmanch.com
kshbike.com
*.kshbike.com
*.m.kshbike.com
larryhmillerhonda.com
*.larryhmillerhonda.com
*.remote.larryhmillerhonda.com
*.ww17.larryhmillerhonda.com
modernclip.com
*.modernclip.com
mothercourses.com
*.mothercourses.com
moviepark.in
*.moviepark.in
*.random.moviepark.in
novaprofissao.com
*.novaprofissao.com
omm7im.buzz
*.omm7im.buzz
preciousweddingsmoments.beauty
*.preciousweddingsmoments.beauty
recuerdas.com
*.recuerdas.com
risunki.com
*.risunki.com
ruyacafe.com
*.ruyacafe.com
s8otbpr.cyou
*.s8otbpr.cyou
*.random.shawford.com
shawford.com
*.shawford.com
symank.com
*.symank.com
*.ww11.symank.com
*.casino.viplist.pw
*.pets.viplist.pw
*.travel-hotel.viplist.pw
viplist.pw
*.viplist.pw
*.a10.virtuousteas.info
*.random.virtuousteas.info
virtuousteas.info
*.virtuousteas.info
*.infolab.watfordjobs.com
watfordjobs.com
*.watfordjobs.com
zxvlv.com
*.zxvlv.com
Other domains in certificate