Open
Cached
·
just now
76/100
SECURITY SCORE
Detected Technologies
Certificate Information
Subject
CN=discountitredirect.com
Issuer
C=US, O=Let's Encrypt, CN=R12
Valid From
May 01, 2026
Valid Until
July 30, 2026
70 days
Public Key
RSA
4096 bit
Strong
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
BE:46:39:47:0A:63:17:D6:BD:77:2C:F5:13:59:E5:27:01:B0:CD:10:40:ED:0E:1C:9B:13:06:B2:40:E9:2E:66
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Add Strict-Transport-Security header with max-age of at least 1 year
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
90 domains
tofuly.art
*.tofuly.art
*.bregudev.tofuly.art
*.dev.tofuly.art
*.login.tofuly.art
*.ww2.tofuly.art
4a5v.com
*.4a5v.com
*.ww17.4a5v.com
*.blog.btclotery.com
btclotery.com
*.btclotery.com
*.calendar.btclotery.com
*.random.btclotery.com
*.app.cinematic.it
*.ats.cinematic.it
cinematic.it
*.cinematic.it
*.cloud.cinematic.it
*.demo-visualizations.cinematic.it
*.hostmaster.cinematic.it
*.preview.cinematic.it
*.remote.cinematic.it
*.report.cinematic.it
*.smtp.cinematic.it
*.superset.cinematic.it
*.webmail.cinematic.it
*.a090f0d3-32b2-4c11-aef8-2dcd29a33ab3.cleanbuilds.co
cleanbuilds.co
*.cleanbuilds.co
*.hferlapp.cleanbuilds.co
creditloyal.com
*.creditloyal.com
*.bilibili.cvcrdb.net
*.bwww.cvcrdb.net
cvcrdb.net
*.cvcrdb.net
*.ww25.cvcrdb.net
discountitredirect.com
*.discountitredirect.com
*.pool.discountitredirect.com
*.press.discountitredirect.com
*.random.discountitredirect.com
*.search.discountitredirect.com
*.users.discountitredirect.com
fitnessballs.com.au
*.fitnessballs.com.au
goldcoasttelephonesystems.com.au
*.goldcoasttelephonesystems.com.au
*.ww25.goldcoasttelephonesystems.com.au
*.admin.informationscience.it
*.hostmaster.informationscience.it
informationscience.it
*.informationscience.it
*.app.loancenter.it
*.email.loancenter.it
loancenter.it
*.loancenter.it
*.mail.loancenter.it
*.staging.loancenter.it
*.webmail.loancenter.it
luggagestores.com.au
*.luggagestores.com.au
*.random.luggagestores.com.au
nice180.top
*.nice180.top
perthwelders.au
*.perthwelders.au
riadnejma.com
*.riadnejma.com
*.webmail.riadnejma.com
*.141.stiri-de-urgenta.info
*.adm.stiri-de-urgenta.info
*.co.stiri-de-urgenta.info
*.gig.stiri-de-urgenta.info
*.gilboa.stiri-de-urgenta.info
*.incpm.stiri-de-urgenta.info
*.koastage.stiri-de-urgenta.info
*.lp.stiri-de-urgenta.info
*.revision5.stiri-de-urgenta.info
*.roman.stiri-de-urgenta.info
*.seo-olympus.stiri-de-urgenta.info
stiri-de-urgenta.info
*.stiri-de-urgenta.info
*.ww25.stiri-de-urgenta.info
*.hostmaster.storemonitor.net
storemonitor.net
*.storemonitor.net
zhneker.com
*.zhneker.com
Other domains in certificate