Open
Cached
·
just now
76/100
SECURITY SCORE
Certificate Information
Subject
CN=brutt.shop
Issuer
C=US, O=Let's Encrypt, CN=R13
Valid From
February 07, 2026
Valid Until
May 08, 2026
88 days
Public Key
RSA
4096 bit
Strong
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
C8:E6:8E:19:03:C6:57:7E:4C:AF:78:21:59:C0:69:3B:5A:E9:80:E4:F7:6B:D1:3D:CF:16:0A:38:94:39:4D:F1
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Missing
Not configured
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Add Strict-Transport-Security header with max-age of at least 1 year
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
89 domains
fedewa.com
*.fedewa.com
*.backup.fedewa.com
*.beta.fedewa.com
*.blog.fedewa.com
*.connect.fedewa.com
*.demo.fedewa.com
*.gateway.fedewa.com
*.gp.fedewa.com
*.hostmaster.fedewa.com
*.mail.fedewa.com
*.owa.fedewa.com
*.rdweb.fedewa.com
*.secure.fedewa.com
*.sslvpn.fedewa.com
*.vpn.fedewa.com
*.vpnssl.fedewa.com
*.webmail.fedewa.com
*.ww16.fedewa.com
*.ww25.fedewa.com
biggestbum.com
*.biggestbum.com
*.devops.biggestbum.com
bilanciofamiliare.it
*.bilanciofamiliare.it
*.dashboard.bilanciofamiliare.it
*.notexistsstaging.bilanciofamiliare.it
binomio.com
*.binomio.com
*.ssl.binomio.com
*.sslvpn.binomio.com
brutt.shop
*.brutt.shop
cahbeqw99567dhqwew01jdqw.vip
*.cahbeqw99567dhqwew01jdqw.vip
caliroofer.com
*.caliroofer.com
chameleonvintage.com
*.chameleonvintage.com
*.admin.dezeigns.com
dezeigns.com
*.dezeigns.com
*.old.dezeigns.com
eniyisahne.online
*.eniyisahne.online
eoll0jg.cyou
*.eoll0jg.cyou
epjijq.biz
*.epjijq.biz
esportshof.com
*.esportshof.com
everydayelementsparty.com
*.everydayelementsparty.com
eye-specialist-au-2618.click
*.eye-specialist-au-2618.click
greenvpn.net
*.greenvpn.net
*.us4.greenvpn.net
*.admin.pincoya.com
*.dash.pincoya.com
*.m.pincoya.com
pincoya.com
*.pincoya.com
*.staging.pincoya.com
*.webmail.pincoya.com
*.ww1.pincoya.com
*.zmail.pincoya.com
*.admin.sexercise.it
sexercise.it
*.sexercise.it
*.access.treppiedi.com
*.admin.treppiedi.com
*.apps.treppiedi.com
*.cloud.treppiedi.com
*.gateway.treppiedi.com
*.m.treppiedi.com
*.mkt.treppiedi.com
*.portal.treppiedi.com
*.rds.treppiedi.com
*.rds1.treppiedi.com
*.rdweb.treppiedi.com
*.remote.treppiedi.com
*.test.treppiedi.com
treppiedi.com
*.treppiedi.com
*.ts.treppiedi.com
*.vpn.treppiedi.com
*.ww5.treppiedi.com
*.www.treppiedi.com
Other domains in certificate