Open
Cached
·
just now
76/100
SECURITY SCORE
Certificate Information
Subject
CN=blindx.de
Issuer
C=US, O=Let's Encrypt, CN=R13
Valid From
December 08, 2025
Valid Until
March 08, 2026
55 days
Public Key
RSA
4096 bit
Strong
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
97:D2:CB:00:DD:9D:3B:13:52:16:63:FE:76:2A:AC:ED:F8:AF:4E:FC:F1:FE:F1:82:9A:C7:8F:BA:A8:73:99:BB
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Missing
Not configured
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Add Strict-Transport-Security header with max-age of at least 1 year
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
90 domains
late.today
*.late.today
*.be.late.today
*.cam.late.today
*.come.late.today
*.get.late.today
*.ko.late.today
*.little.late.today
*.mail.late.today
*.mpotse.late.today
*.ngibe.late.today
*.open.late.today
*.real.late.today
*.sp.late.today
*.to.late.today
*.too.late.today
*.up.late.today
*.was.late.today
*.work.late.today
*.working.late.today
*.wprkee.late.today
*.you.late.today
abeecadventures.com
*.abeecadventures.com
amandacromero.com
*.amandacromero.com
amandagabryella.com
*.amandagabryella.com
asadoreselllanero.co
*.asadoreselllanero.co
blindx.de
*.blindx.de
*.hostmaster.blindx.de
bosandyou.com
*.bosandyou.com
didong.me
*.didong.me
*.mail.didong.me
*.mall.didong.me
*.static.didong.me
dinyraecollections.com
*.dinyraecollections.com
du95tq2lrj.com
*.du95tq2lrj.com
fastighetsbyra.com
*.fastighetsbyra.com
*.owhjfswedbank.fastighetsbyra.com
*.swedbank.fastighetsbyra.com
*.9022.gimile.com
*.alinakhli95.gimile.com
*.bb.gimile.com
gimile.com
*.gimile.com
*.mail.gimile.com
*.quintano.gimile.com
*.random.gimile.com
*.sari.gimile.com
*.slovo.gimile.com
*.waghole.gimile.com
*.wagholewaghole.gimile.com
*.ww25.gimile.com
*.ww38.gimile.com
*.bobs.gppcliams.com
gppcliams.com
*.gppcliams.com
*.shop.gppcliams.com
*.html-color-codes.inicar.info
inicar.info
*.inicar.info
*.keycode.inicar.info
jalguru.com
*.jalguru.com
jazztelhiring740069.icu
*.jazztelhiring740069.icu
kingtime.xyz
*.kingtime.xyz
primalperformanceu.com
*.primalperformanceu.com
renscleaningservices.uk
*.renscleaningservices.uk
sdtenglibxg.com
*.sdtenglibxg.com
secretnovascotia.com
*.secretnovascotia.com
seedspictures.com
*.seedspictures.com
thedailydialectic.com
*.thedailydialectic.com
waterfilters334020.icu
*.waterfilters334020.icu
Other domains in certificate