DNS Gurus
Cached · just now
79/100 SECURITY SCORE

Detected Technologies

See all in URL Inspect 1
Let's Encrypt logo Let's Encrypt

Certificate Information

Subject
CN=fretta.us
Issuer
C=US, O=Let's Encrypt, CN=R13
Valid From
January 15, 2026
Valid Until
April 15, 2026 58 days
Public Key
RSA 4096 bit Strong
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
DD:55:A5:09:BD:15:8E:17:6F:C6:AA:46:EC:14:BD:1F:17:0E:31:48:67:8F:5F:B2:AD:B7:DA:9A:84:22:78:C6
Alternative Names
88 domains

Security Configuration

TLS Protocols
TLS 1.2 TLS 1.3
Forward Secrecy
Supported (Modern clients use PFS)

HTTP Security Headers

Status
Strict-Transport-Security
Missing
Not configured
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Good
SAMEORIGIN
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
  • Add Strict-Transport-Security header with max-age of at least 1 year
  • Add Content-Security-Policy header to prevent XSS attacks
  • Add X-Content-Type-Options: nosniff
  • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
  • Consider adding Permissions-Policy to control browser features

CAA Records (Certificate Authority Authorization)

CAA Records
Not Configured (Any CA can issue certificates)
CAA Issues
  • No CAA records configured - any CA can issue certificates
Recommendations
  • Implement CAA records to restrict which CAs can issue certificates for your domain
  • This adds an extra layer of security against unauthorized certificate issuance
  • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
  • Consider adding 'iodef' record to receive security incident reports

Subject Alternative Names

88 domains
scratchusa.com *.scratchusa.com *.com.scratchusa.com

Other domains in certificate

account-n-see.com *.account-n-see.com *.cicd.account-n-see.com
aniya25.com *.aniya25.com *.manga.aniya25.com
ffv.cz *.ffv.cz *.mondeo.ffv.cz
fretta.us *.fretta.us
*.ci.hiringourheros.com *.cicd.hiringourheros.com hiringourheros.com *.hiringourheros.com *.pipeline.hiringourheros.com
hj5a7.com *.hj5a7.com *.ww25.hj5a7.com
ibuddy.blog *.ibuddy.blog
izanagi-maru.com *.izanagi-maru.com *.sso.izanagi-maru.com
*.c3ex.kmy.de kmy.de *.kmy.de
*.cicd.lupinproteinballs.com lupinproteinballs.com *.lupinproteinballs.com
mirsadaskincare.com *.mirsadaskincare.com
*.hostmaster.mybizzlinks.com mybizzlinks.com *.mybizzlinks.com *.ww38.mybizzlinks.com
*.ci.mymarlandauto.com *.hostmaster.mymarlandauto.com mymarlandauto.com *.mymarlandauto.com
*.cicd.needmorecash.com needmorecash.com *.needmorecash.com *.random.needmorecash.com
*.bi.queeninfo.com *.ci.queeninfo.com *.jenkins.queeninfo.com queeninfo.com *.queeninfo.com *.ww1.queeninfo.com
*.pipeline.riversidecafebs4.co.uk riversidecafebs4.co.uk *.riversidecafebs4.co.uk
*.hostmaster.rpa-l.com rpa-l.com *.rpa-l.com
*.marianprayerbook.saintalphonsa.com saintalphonsa.com *.saintalphonsa.com *.webdisk.saintalphonsa.com
*.ask.snare.com.au snare.com.au *.snare.com.au
*.sincefive.thepilatesstudionb.com thepilatesstudionb.com *.thepilatesstudionb.com
ticketlouvre.com *.ticketlouvre.com *.ww25.ticketlouvre.com
*.ci.trentalcars.com trentalcars.com *.trentalcars.com
*.exchange.vbev.de *.mail2.vbev.de vbev.de *.vbev.de
*.ci.wordsdvds.com *.cicd.wordsdvds.com *.jenkins.wordsdvds.com *.uat.wordsdvds.com wordsdvds.com *.wordsdvds.com
*.ww16.zipforplus.com zipforplus.com *.zipforplus.com