Open
Cached
·
just now
76/100
SECURITY SCORE
Detected Technologies
Certificate Information
Subject
CN=playbyyourself.com
Issuer
C=US, O=Let's Encrypt, CN=R13
Valid From
February 05, 2026
Valid Until
May 06, 2026
82 days
Public Key
RSA
4096 bit
Strong
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
E6:7F:B9:70:35:89:B7:93:02:12:BE:F0:D8:79:CF:6A:7B:A3:71:B0:84:92:38:64:43:D0:61:0C:13:21:28:2C
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Missing
Not configured
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Add Strict-Transport-Security header with max-age of at least 1 year
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
88 domains
wetransfre.com
*.wetransfre.com
*.m.wetransfre.com
assit.org
*.assit.org
*.rx.assit.org
bankofamertica.com
*.bankofamertica.com
*.m.bankofamertica.com
*.seed.bankofamertica.com
*.snapshot.bankofamertica.com
*.blog.egedezone.com
egedezone.com
*.egedezone.com
*.mail.egedezone.com
michigantax.directory
*.michigantax.directory
*.portal.michigantax.directory
*.api.noaisocial.com
*.app.noaisocial.com
*.demo.noaisocial.com
*.dev.noaisocial.com
*.hostmaster.noaisocial.com
*.mail.noaisocial.com
noaisocial.com
*.noaisocial.com
*.rd.noaisocial.com
*.remote.noaisocial.com
*.shop.noaisocial.com
*.test.noaisocial.com
*.testing.noaisocial.com
*.vpn.noaisocial.com
*.www.noaisocial.com
ostenfeldt.com
*.ostenfeldt.com
*.test.ostenfeldt.com
playbyyourself.com
*.playbyyourself.com
*.test.playbyyourself.com
*.m.producktive.com
producktive.com
*.producktive.com
*.test.producktive.com
*.ww25.producktive.com
*.antiraid.rh-web.eu
*.arda-hebergement.rh-web.eu
*.auzrel.rh-web.eu
*.bdert.rh-web.eu
*.dd06-dev.rh-web.eu
*.dev.rh-web.eu
*.diczic.rh-web.eu
*.dl.rh-web.eu
*.elternis.rh-web.eu
*.elysionpolice.rh-web.eu
*.ezfilm.rh-web.eu
*.g-stream.rh-web.eu
*.gon.rh-web.eu
*.hiru.rh-web.eu
*.hyrbidetv.rh-web.eu
*.mail.rh-web.eu
*.maxou45400.rh-web.eu
*.memeshop.rh-web.eu
*.my.rh-web.eu
*.nahlyacraft.rh-web.eu
*.nazery.rh-web.eu
*.phoenixeternal.rh-web.eu
*.programmashop.rh-web.eu
rh-web.eu
*.rh-web.eu
*.robloxiancommunity.rh-web.eu
*.testsiteweb.rh-web.eu
*.tktrp.rh-web.eu
*.umaroth.rh-web.eu
*.webtest.rh-web.eu
*.xiomy.rh-web.eu
*.zekgen.rh-web.eu
*.zolonia.rh-web.eu
robledal.com
*.robledal.com
*.test.robledal.com
*.ww25.robledal.com
solidarieta.com
*.solidarieta.com
*.test.solidarieta.com
*.www.solidarieta.com
*.portal.verona.best
verona.best
*.verona.best
Other domains in certificate