DNS Gurus
Cached · just now
76/100 SECURITY SCORE

Certificate Information

Subject
CN=marroqui.com
Issuer
C=US, O=Let's Encrypt, CN=R13
Valid From
February 04, 2026
Valid Until
May 05, 2026 82 days
Public Key
RSA 4096 bit Strong
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
99:1C:D1:8E:46:02:32:67:4B:B8:C0:CC:F4:15:82:D2:D0:F7:24:7C:EE:FA:43:38:8D:5B:EA:81:98:13:D1:78
Alternative Names
90 domains

Security Configuration

TLS Protocols
TLS 1.2 TLS 1.3
Forward Secrecy
Supported (Modern clients use PFS)

HTTP Security Headers

Status
Strict-Transport-Security
Missing
Not configured
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
  • Add Strict-Transport-Security header with max-age of at least 1 year
  • Add Content-Security-Policy header to prevent XSS attacks
  • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
  • Add X-Content-Type-Options: nosniff
  • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
  • Consider adding Permissions-Policy to control browser features

CAA Records (Certificate Authority Authorization)

CAA Records
Not Configured (Any CA can issue certificates)
CAA Issues
  • No CAA records configured - any CA can issue certificates
Recommendations
  • Implement CAA records to restrict which CAs can issue certificates for your domain
  • This adds an extra layer of security against unauthorized certificate issuance
  • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
  • Consider adding 'iodef' record to receive security incident reports

Subject Alternative Names

90 domains
marroqui.com *.marroqui.com *.assets.marroqui.com *.client.marroqui.com

Other domains in certificate

4ygx.com *.4ygx.com *.ww38.4ygx.com
aqdmv67.com *.aqdmv67.com *.libertypole.aqdmv67.com *.vip.aqdmv67.com
creationsbydonna.com *.creationsbydonna.com *.sitemap.creationsbydonna.com
curringman.xyz *.curringman.xyz
*.access.delion.com delion.com *.delion.com
doctorneena.com *.doctorneena.com *.forum.doctorneena.com *.help.doctorneena.com *.m.doctorneena.com *.random.doctorneena.com *.temp.doctorneena.com
gardencafehove.co.uk *.gardencafehove.co.uk *.ww25.gardencafehove.co.uk
*.dns.gingerssales.com gingerssales.com *.gingerssales.com *.mx7.gingerssales.com
*.api.hiciano.com *.autoconfig.hiciano.com hiciano.com *.hiciano.com
*.cpanel.numxerone.com *.nono.numxerone.com numxerone.com *.numxerone.com *.whm.numxerone.com
openasi.online *.openasi.online *.wwww.openasi.online
*.dev.pouillot.com pouillot.com *.pouillot.com
*.darzacq.revue.live revue.live *.revue.live
*.comune.rosenklee.de rosenklee.de *.rosenklee.de
sherrif.net *.sherrif.net *.ww38.sherrif.net
*.sitemap.thet.website thet.website *.thet.website *.www.thet.website
toto77.store *.toto77.store
tpa-italia.com *.tpa-italia.com *.ww38.tpa-italia.com
usvisasscheduling.com *.usvisasscheduling.com
victoria-house-hamble.co.uk *.victoria-house-hamble.co.uk
*.academiaespacofitness.wefit.site *.academiamvsports.wefit.site *.altivaimoveis.wefit.site *.avempilates.wefit.site *.chat.wefit.site *.danilogentilepersonal.wefit.site *.eighttraining.wefit.site *.elittegestao.wefit.site *.espaco66.wefit.site *.irongym.wefit.site *.jmnatacaoo.wefit.site *.nossaarena.wefit.site *.oscarsilvestrefilho.wefit.site *.peladoreal.wefit.site *.personalstudioroselimelo.wefit.site *.setefc.wefit.site *.statuswelness.wefit.site wefit.site *.wefit.site *.whatsapp.wefit.site