DNS Gurus
Cached · just now
76/100 SECURITY SCORE

Certificate Information

Subject
CN=astralaxis.tech
Issuer
C=US, O=Let's Encrypt, CN=R12
Valid From
January 31, 2026
Valid Until
May 01, 2026 80 days
Public Key
RSA 4096 bit Strong
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
90:51:DC:09:89:C6:BA:05:00:9C:66:45:C4:61:A5:B2:D2:55:4E:5D:E0:96:04:D0:97:A2:34:91:D7:16:93:C7
Alternative Names
89 domains

Security Configuration

TLS Protocols
TLS 1.2 TLS 1.3
Forward Secrecy
Supported (Modern clients use PFS)

HTTP Security Headers

Status
Strict-Transport-Security
Missing
Not configured
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
  • Add Strict-Transport-Security header with max-age of at least 1 year
  • Add Content-Security-Policy header to prevent XSS attacks
  • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
  • Add X-Content-Type-Options: nosniff
  • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
  • Consider adding Permissions-Policy to control browser features

CAA Records (Certificate Authority Authorization)

CAA Records
Not Configured (Any CA can issue certificates)
CAA Issues
  • No CAA records configured - any CA can issue certificates
Recommendations
  • Implement CAA records to restrict which CAs can issue certificates for your domain
  • This adds an extra layer of security against unauthorized certificate issuance
  • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
  • Consider adding 'iodef' record to receive security incident reports

Subject Alternative Names

89 domains
trinitarios.com *.trinitarios.com

Other domains in certificate

astralaxis.tech *.astralaxis.tech *.dashbeta.astralaxis.tech
kogi.online *.kogi.online *.wildcard.kogi.online *.ww25.kogi.online
*.aann.soclenta.com *.api.soclenta.com *.cht.soclenta.com *.kit.soclenta.com *.kudr.soclenta.com soclenta.com *.soclenta.com
svetlecereklame.com *.svetlecereklame.com
swetcha.com *.swetcha.com
textosgratis.com *.textosgratis.com
texxo.com *.texxo.com
thattutor.com *.thattutor.com
thechurn.com *.thechurn.com
thecolonel.com *.thecolonel.com
thegardenwhisperer.live *.thegardenwhisperer.live
thenobody.com *.thenobody.com
thisis.net *.thisis.net
tindaya.com *.tindaya.com
tokal.com *.tokal.com
*.33d8ce56fdc8.tomie.club *.analytic.tomie.club *.autodiscover.tomie.club *.cpcontacts.tomie.club *.crm.tomie.club *.dc-de2aa177e1fe.tomie.club *.read.tomie.club tomie.club *.tomie.club *.w.tomie.club *.w2.tomie.club *.w3.tomie.club *.webdisk.tomie.club *.webmail.tomie.club *.ww25.tomie.club *.ww3.tomie.club
trafficthrottle.com *.trafficthrottle.com
trafiksikkerhed.com *.trafiksikkerhed.com
travellegendsexplore.xyz *.travellegendsexplore.xyz
travelpeakexperiences.xyz *.travelpeakexperiences.xyz
travelspiritwander.xyz *.travelspiritwander.xyz
trendpump.com *.trendpump.com
ule888.com *.ule888.com
unerencontres.com *.unerencontres.com
uniqueweddingsstyle.beauty *.uniqueweddingsstyle.beauty
*.intern.universiteit.com universiteit.com *.universiteit.com
unqat176.com *.unqat176.com
upland.net *.upland.net
urbanhillbilly.com *.urbanhillbilly.com
velcrowall.com *.velcrowall.com
verygoodgirl.com *.verygoodgirl.com
vinculando.com *.vinculando.com