Open
Cached
·
just now
76/100
SECURITY SCORE
Detected Technologies
Certificate Information
Subject
CN=brushmotionworks.xyz
Issuer
C=US, O=Let's Encrypt, CN=YR2
Valid From
May 28, 2026
Valid Until
August 26, 2026
79 days
Public Key
RSA
4096 bit
Strong
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
ED:EF:24:A0:87:B0:3D:59:85:45:27:AB:8A:E4:BC:A8:66:58:53:86:5B:A5:8B:EA:91:78:6A:34:17:F6:BC:4A
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Add Strict-Transport-Security header with max-age of at least 1 year
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
90 domains
8hourplaylist.com
*.8hourplaylist.com
*.api.8hourplaylist.com
*.app.8hourplaylist.com
*.demo.8hourplaylist.com
3aft.xyz
*.3aft.xyz
*.demo-insight.3aft.xyz
*.hostmaster.3aft.xyz
*.www.3aft.xyz
brushmotionworks.xyz
*.brushmotionworks.xyz
*.nemln.brushmotionworks.xyz
*.tzygd.brushmotionworks.xyz
*.x7pal.brushmotionworks.xyz
casting-argentina.de
*.casting-argentina.de
*.9b76f1e3-34d7-4ac6-8413-531b4e031059.dyxra.com
*.admin.dyxra.com
*.api.dyxra.com
*.app.dyxra.com
*.backup.dyxra.com
*.cc79751c-b724-496e-af0c-8db5b799620d.dyxra.com
*.cloud.dyxra.com
*.dashboard.dyxra.com
*.djbpu.dyxra.com
dyxra.com
*.dyxra.com
*.f5fe0a07-0c15-4e5f-bb73-8a870dad3a78.dyxra.com
*.klwvsdjbpu.dyxra.com
*.mail.dyxra.com
*.marketing.dyxra.com
*.members.dyxra.com
*.qa.dyxra.com
*.rd.dyxra.com
*.rds.dyxra.com
*.rdweb.dyxra.com
*.remote.dyxra.com
*.secure.dyxra.com
*.stg.dyxra.com
*.tnq.dyxra.com
*.uat.dyxra.com
*.v1.dyxra.com
*.xp.dyxra.com
*.ytfa.dyxra.com
eita.it
*.eita.it
*.metric.eita.it
*.mx.eita.it
*.app.nexow.xyz
*.b5hyr.nexow.xyz
*.bb2b2a1a-cae1-42cc-b0d3-638076c2f7d5.nexow.xyz
*.c6udy.nexow.xyz
*.c80e021c-62fa-4110-b3bb-0443cad9a1b8.nexow.xyz
*.cc2mm.nexow.xyz
*.cuyk.nexow.xyz
*.cxie3.nexow.xyz
*.ebwif.nexow.xyz
*.eu3rm.nexow.xyz
*.he00g.nexow.xyz
*.ip4i2.nexow.xyz
nexow.xyz
*.nexow.xyz
*.sso.nexow.xyz
*.wsct4.nexow.xyz
*.xbh6h.nexow.xyz
*.y04uw.nexow.xyz
*.zyu43.nexow.xyz
*.mx.outlandish.it
outlandish.it
*.outlandish.it
*.remote.outlandish.it
*.www.outlandish.it
*.rustore.sqgzss.cool
sqgzss.cool
*.sqgzss.cool
*.console.thehumanoidlabs.info
*.sitemap.thehumanoidlabs.info
*.sitemaps.thehumanoidlabs.info
thehumanoidlabs.info
*.thehumanoidlabs.info
*.www.thehumanoidlabs.info
*.api.weekath.com
*.app.weekath.com
*.backend.weekath.com
*.demo.weekath.com
*.dev.weekath.com
weekath.com
*.weekath.com
*.www.weekath.com
Other domains in certificate