Open
Cached
·
just now
76/100
SECURITY SCORE
Detected Technologies
Certificate Information
Subject
CN=xn--lott-o3a.live
Issuer
C=US, O=Let's Encrypt, CN=R12
Valid From
May 12, 2026
Valid Until
August 10, 2026
76 days
Public Key
RSA
4096 bit
Strong
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
B1:BC:12:D7:87:D2:0D:89:EB:9F:B4:77:27:45:09:30:44:D2:D2:FC:74:1C:3C:3B:E3:62:3D:53:02:5F:30:C6
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Add Strict-Transport-Security header with max-age of at least 1 year
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
90 domains
facebooku.com
*.facebooku.com
*.158www.facebooku.com
*.2fm.facebooku.com
*.ja-jp.facebooku.com
*.prod.facebooku.com
*.superset.facebooku.com
*.web.facebooku.com
*.webmail.facebooku.com
*.z-upload.facebooku.com
atlasbeer.com
*.atlasbeer.com
barahonainversiones.com
*.barahonainversiones.com
*.ww25.barahonainversiones.com
blankdata.com
*.blankdata.com
*.7qy0ao.conroeroofing.company
*.api.conroeroofing.company
*.app.conroeroofing.company
conroeroofing.company
*.conroeroofing.company
*.dashboard.conroeroofing.company
*.dev.conroeroofing.company
*.staging.conroeroofing.company
*.web.conroeroofing.company
downlodhub.in
*.downlodhub.in
eczemababy.com
*.eczemababy.com
gesundes-kaarst.de
*.gesundes-kaarst.de
*.www.gesundes-kaarst.de
mgmsignature.com
*.mgmsignature.com
mpzmhb.cc
*.mpzmhb.cc
ofice-space-rnt-uk.sbs
*.ofice-space-rnt-uk.sbs
paid-sperm-donation-1u8w2s9d2j8.sbs
*.paid-sperm-donation-1u8w2s9d2j8.sbs
*.admin.quantumaiaddress.com
*.app.quantumaiaddress.com
*.assets.quantumaiaddress.com
*.marketing.quantumaiaddress.com
*.qa.quantumaiaddress.com
quantumaiaddress.com
*.quantumaiaddress.com
*.web.quantumaiaddress.com
*.aus1.torbrowser.org
*.bridge.torbrowser.org
*.bridges.torbrowser.org
*.connect.torbrowser.org
*.on.torbrowser.org
*.status.torbrowser.org
torbrowser.org
*.torbrowser.org
*.ww25.torbrowser.org
*.ww38.torbrowser.org
tray.com.au
*.tray.com.au
*.ww25.tray.com.au
web-pam.com
*.web-pam.com
*.ww12.web-pam.com
*.random.xn--dampfgltter-r8a.de
xn--dampfgltter-r8a.de
*.xn--dampfgltter-r8a.de
*.01cf4ee5-2792-4492-8b49-a40f1d74c8f4.xn--lott-o3a.live
*.0agkgo.xn--lott-o3a.live
*.6c96def1-62ce-4fda-a304-b9092f0234e2.xn--lott-o3a.live
*.a19d3f00-ada2-4aa8-b376-5918e4656fc9.xn--lott-o3a.live
*.api.xn--lott-o3a.live
*.dev.xn--lott-o3a.live
*.mail.xn--lott-o3a.live
*.qa.xn--lott-o3a.live
*.secure.xn--lott-o3a.live
*.staging.xn--lott-o3a.live
*.stg.xn--lott-o3a.live
*.tjbakqhp.xn--lott-o3a.live
*.unaghv1.xn--lott-o3a.live
*.v1.xn--lott-o3a.live
*.v2.xn--lott-o3a.live
*.web.xn--lott-o3a.live
xn--lott-o3a.live
*.xn--lott-o3a.live
*.lanzkocht.zof.de
*.random.zof.de
zof.de
*.zof.de
Other domains in certificate