Open
Cached
·
just now
76/100
SECURITY SCORE
Detected Technologies
Certificate Information
Subject
CN=xn--fischgrte-verschluckt-c2b.de
Issuer
C=US, O=Let's Encrypt, CN=R12
Valid From
April 16, 2026
Valid Until
July 15, 2026
61 days
Public Key
RSA
4096 bit
Strong
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
76:40:E1:05:1D:5F:BD:BB:A8:FD:05:E2:AF:12:F8:2D:8C:91:4A:07:B6:C3:4C:C6:4D:30:ED:DC:52:27:FE:86
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Add Strict-Transport-Security header with max-age of at least 1 year
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
90 domains
destinyfernandi.com
*.destinyfernandi.com
c05.my
*.c05.my
chooseugc.com
*.chooseugc.com
d01.my
*.d01.my
deepresource-ai.com
*.deepresource-ai.com
e02.my
*.e02.my
e5420926.vip
*.e5420926.vip
e5448187.vip
*.e5448187.vip
e5458006.vip
*.e5458006.vip
emersonbroga.com
*.emersonbroga.com
ethkz.vip
*.ethkz.vip
f2f1k3.my
*.f2f1k3.my
findroutyn.business
*.findroutyn.business
flowmega.com
*.flowmega.com
fondationdonwahi.org
*.fondationdonwahi.org
fuate8.my
*.fuate8.my
gaming-pcs-images-559.sbs
*.gaming-pcs-images-559.sbs
gb7qls.my
*.gb7qls.my
goanimalz.com
*.goanimalz.com
goodprofit.com
*.goodprofit.com
grandscout.com
*.grandscout.com
guweso.pro
*.guweso.pro
hlgzt.plus
*.hlgzt.plus
hofmann-bau.com
*.hofmann-bau.com
humbleharvestwellness.com
*.humbleharvestwellness.com
il64qa.my
*.il64qa.my
imagelawfirm.com
*.imagelawfirm.com
imagelawyers.com
*.imagelawyers.com
*.dan.innovatronic.com
innovatronic.com
*.innovatronic.com
izywp.town
*.izywp.town
menyala123asia.com
*.menyala123asia.com
muskogeemugs.com
*.muskogeemugs.com
nhqduft1552.vip
*.nhqduft1552.vip
nicheknit.com
*.nicheknit.com
okxxb.top
*.okxxb.top
peakpantry.food
*.peakpantry.food
personaagentic.com
*.personaagentic.com
preferbtc.com
*.preferbtc.com
psychologicalespresso.com
*.psychologicalespresso.com
qklgjilu.top
*.qklgjilu.top
southlanddeals.com
*.southlanddeals.com
*.amdocs.subscriber.net
subscriber.net
*.subscriber.net
wwo2m33.top
*.wwo2m33.top
xn--fischgrte-verschluckt-c2b.de
*.xn--fischgrte-verschluckt-c2b.de
Other domains in certificate