Open
Cached
·
just now
76/100
SECURITY SCORE
Detected Technologies
Certificate Information
Subject
CN=sekaihajimariowari.xyz
Issuer
C=US, O=Let's Encrypt, CN=R13
Valid From
January 27, 2026
Valid Until
April 27, 2026
60 days
Public Key
RSA
4096 bit
Strong
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
E7:72:15:14:01:1B:4D:2B:9F:1D:BA:BE:CA:5D:9B:C6:3D:47:79:EF:A7:DF:85:77:55:0F:64:46:5E:51:DB:31
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Add Strict-Transport-Security header with max-age of at least 1 year
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
90 domains
thystudio.com
*.thystudio.com
*.hostmaster.thystudio.com
*.livinghea.thystudio.com
*.livingheal.thystudio.com
*.myhea.thystudio.com
*.phi.thystudio.com
*.phil.thystudio.com
*.random.thystudio.com
*.ww2.thystudio.com
alanwardfurniture.co.uk
*.alanwardfurniture.co.uk
*.hostmaster.alanwardfurniture.co.uk
*.random.alanwardfurniture.co.uk
*.ww25.alanwardfurniture.co.uk
*.ww38.alanwardfurniture.co.uk
*.www.alanwardfurniture.co.uk
broucher.com
*.broucher.com
*.justine.broucher.com
comtaxact.com
*.comtaxact.com
*.facebook.comtaxact.com
*.freetaxusa.comtaxact.com
*.google.comtaxact.com
*.hostmaster.comtaxact.com
*.hrblock.comtaxact.com
*.taxact.comtaxact.com
*.usatoday.comtaxact.com
*.ww25.comtaxact.com
*.xfinity.comtaxact.com
*.yahoo.comtaxact.com
*.yyoutube.comtaxact.com
*.hostmaster.hpoki.com
hpoki.com
*.hpoki.com
*.hpokiea.hpoki.com
*.ww25.hpoki.com
*.analytics.qwerk.com
*.app.qwerk.com
*.apps.qwerk.com
*.mail1.qwerk.com
*.mail2.qwerk.com
qwerk.com
*.qwerk.com
*.secure.qwerk.com
*.std.qwerk.com
*.superset.qwerk.com
*.cpanel.sekaihajimariowari.xyz
*.cpcalendars.sekaihajimariowari.xyz
*.cpcontacts.sekaihajimariowari.xyz
*.mail.sekaihajimariowari.xyz
sekaihajimariowari.xyz
*.sekaihajimariowari.xyz
*.ww25.sekaihajimariowari.xyz
skylandersnews.com
*.skylandersnews.com
*.bi.southerglazers.com
*.careers.southerglazers.com
*.selfservice.southerglazers.com
*.sgconnect.southerglazers.com
southerglazers.com
*.southerglazers.com
*.ww01.southerglazers.com
ssgroup360.com
*.ssgroup360.com
*.email.watersponge.com
*.es.watersponge.com
*.fb.watersponge.com
*.jura-gw1.watersponge.com
*.monitor.watersponge.com
*.ns.watersponge.com
*.random.watersponge.com
*.v2.watersponge.com
watersponge.com
*.watersponge.com
*.world.watersponge.com
whiteboiweb.com
*.whiteboiweb.com
*.ww25.whiteboiweb.com
*.autodiscover.wholefoodsrecipe.com
*.cpanel.wholefoodsrecipe.com
*.hostmaster.wholefoodsrecipe.com
*.mail.wholefoodsrecipe.com
*.users.wholefoodsrecipe.com
*.webdisk.wholefoodsrecipe.com
*.webmail.wholefoodsrecipe.com
wholefoodsrecipe.com
*.wholefoodsrecipe.com
*.www.wholefoodsrecipe.com
Other domains in certificate