Open
Cached
·
just now
76/100
SECURITY SCORE
Detected Technologies
Certificate Information
Subject
CN=sfitengg.org
Issuer
C=US, O=Let's Encrypt, CN=R12
Valid From
April 16, 2026
Valid Until
July 15, 2026
66 days
Public Key
RSA
4096 bit
Strong
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
A3:62:50:DF:06:E5:8C:24:50:3A:B4:57:D7:DA:03:E9:AA:EE:6B:8E:AF:8B:EC:73:7B:18:26:30:72:88:E3:87
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Add Strict-Transport-Security header with max-age of at least 1 year
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
90 domains
downlyst.com
*.downlyst.com
*.mail.downlyst.com
*.aad076da-0f55-4eb1-90b0-3d0f93ce63bc.coinbureau.news
*.agent.coinbureau.news
*.api.coinbureau.news
*.app.coinbureau.news
*.coin.coinbureau.news
coinbureau.news
*.coinbureau.news
*.crypto.coinbureau.news
*.looker.coinbureau.news
*.mail.coinbureau.news
*.staging.coinbureau.news
*.trade.coinbureau.news
filmcompletvf.buzz
*.filmcompletvf.buzz
*.news.filmcompletvf.buzz
*.sitemap.filmcompletvf.buzz
*.sitemaps.filmcompletvf.buzz
*.video.filmcompletvf.buzz
fundthatbiz.co
*.fundthatbiz.co
*.mail.fundthatbiz.co
*.demo.futemax.life
futemax.life
*.futemax.life
*.ww38.futemax.life
*.blog.helenbarrett.org
helenbarrett.org
*.helenbarrett.org
highperformancephysio.com
*.highperformancephysio.com
*.hostmaster.highperformancephysio.com
*.itsservizial.leimprese.it
leimprese.it
*.leimprese.it
*.dev.nextmgmt.com
nextmgmt.com
*.nextmgmt.com
*.test.nextmgmt.com
*.admin.nouryonhealthplan.com
*.apps.nouryonhealthplan.com
*.mail.nouryonhealthplan.com
*.mwww.nouryonhealthplan.com
*.notexistsvpn.nouryonhealthplan.com
nouryonhealthplan.com
*.nouryonhealthplan.com
*.staging.nouryonhealthplan.com
*.ww25.nouryonhealthplan.com
*.www.nouryonhealthplan.com
*.codex.sfitengg.org
*.cscita.sfitengg.org
*.ecell.sfitengg.org
*.hub.sfitengg.org
*.irisfest.sfitengg.org
*.itsa.sfitengg.org
*.nss.sfitengg.org
*.pfsense.sfitengg.org
*.radlab.sfitengg.org
*.robocon.sfitengg.org
sfitengg.org
*.sfitengg.org
*.sfitpfsense.sfitengg.org
*.sfitsc.sfitengg.org
*.tpo.sfitengg.org
thumbilla.com
*.thumbilla.com
*.ww25.thumbilla.com
*.ww38.thumbilla.com
*.hostmaster.venturabeachrvpark.com
*.testdev.venturabeachrvpark.com
venturabeachrvpark.com
*.venturabeachrvpark.com
*.www.venturabeachrvpark.com
*.i.vnbid.com
*.rd.vnbid.com
vnbid.com
*.vnbid.com
*.hostmaster.zamosc.edu.pl
*.lo3.zamosc.edu.pl
*.mta-sts.zamosc.edu.pl
*.pans.zamosc.edu.pl
*.random.zamosc.edu.pl
*.ww25.zamosc.edu.pl
*.ww38.zamosc.edu.pl
*.www.zamosc.edu.pl
*.zak.zamosc.edu.pl
zamosc.edu.pl
*.zamosc.edu.pl
Other domains in certificate