DNS Gurus
Cached · just now
76/100 SECURITY SCORE

Certificate Information

Subject
CN=schimelmitzotorrino.com
Issuer
C=US, O=Let's Encrypt, CN=R13
Valid From
December 24, 2025
Valid Until
March 24, 2026 43 days
Public Key
RSA 4096 bit Strong
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
4A:79:05:19:67:E8:BB:2A:62:3B:AD:B6:2F:31:83:45:E3:08:77:B7:62:31:39:1A:9F:38:BA:B8:98:64:CC:48
Alternative Names
74 domains

Security Configuration

TLS Protocols
TLS 1.2 TLS 1.3
Forward Secrecy
Supported (Modern clients use PFS)

HTTP Security Headers

Status
Strict-Transport-Security
Missing
Not configured
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
  • Add Strict-Transport-Security header with max-age of at least 1 year
  • Add Content-Security-Policy header to prevent XSS attacks
  • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
  • Add X-Content-Type-Options: nosniff
  • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
  • Consider adding Permissions-Policy to control browser features

CAA Records (Certificate Authority Authorization)

CAA Records
Not Configured (Any CA can issue certificates)
CAA Issues
  • No CAA records configured - any CA can issue certificates
Recommendations
  • Implement CAA records to restrict which CAs can issue certificates for your domain
  • This adds an extra layer of security against unauthorized certificate issuance
  • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
  • Consider adding 'iodef' record to receive security incident reports

Subject Alternative Names

74 domains
smithsoianmag.com *.smithsoianmag.com

Other domains in certificate

7x7v.com *.7x7v.com *.av614.7x7v.com
*.4gi.ahertz.com ahertz.com *.ahertz.com
bintangspa.com *.bintangspa.com
bonnybridgecentral.co.uk *.bonnybridgecentral.co.uk
correucaib.es *.correucaib.es *.random.correucaib.es *.ww16.correucaib.es
e621.uk *.e621.uk
*.bta.fullstripe.tech *.entityframeworkcodefirsttest.fullstripe.tech *.filmtube.fullstripe.tech *.fuckhp.fullstripe.tech fullstripe.tech *.fullstripe.tech *.pra-dev.fullstripe.tech *.pra-prod.fullstripe.tech *.pra-sentry.fullstripe.tech *.redmine.fullstripe.tech *.restartclick.fullstripe.tech *.scrapehashtag.fullstripe.tech *.web2-dev.fullstripe.tech
hamradiosales.co.uk *.hamradiosales.co.uk
happyhandsbrandnewliquidation.com *.happyhandsbrandnewliquidation.com
heavenlytouchmassagelondon.co.uk *.heavenlytouchmassagelondon.co.uk
*.dev.ingersoll-inc.com ingersoll-inc.com *.ingersoll-inc.com
isitkosher.co.uk *.isitkosher.co.uk
lapakajaib.xyz *.lapakajaib.xyz
laxusmod.com *.laxusmod.com
moinhodospaes.com *.moinhodospaes.com
myphonenumber.com.au *.myphonenumber.com.au
schimelmitzotorrino.com *.schimelmitzotorrino.com *.ww25.schimelmitzotorrino.com
scrubdandbeyond.com *.scrubdandbeyond.com
smartenglishbd.com *.smartenglishbd.com
*.gouv.smsregularisation.com smsregularisation.com *.smsregularisation.com *.ww16.smsregularisation.com
spibeachrentals.net *.spibeachrentals.net
*.site.usdomship-hgh.com usdomship-hgh.com *.usdomship-hgh.com
*.app.viet69clip.net viet69clip.net *.viet69clip.net *.ww38.viet69clip.net *.www.viet69clip.net
*.random.websummittech.com websummittech.com *.websummittech.com