Open
Cached
·
just now
76/100
SECURITY SCORE
Detected Technologies
Certificate Information
Subject
CN=49305.app
Issuer
C=US, O=Let's Encrypt, CN=R13
Valid From
May 11, 2026
Valid Until
August 09, 2026
74 days
Public Key
RSA
4096 bit
Strong
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
D1:AD:78:FF:E6:C8:80:D1:01:40:D6:8B:AF:9A:C3:32:07:80:C8:7F:46:62:7C:A0:43:B1:80:4D:A1:73:68:EE
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Add Strict-Transport-Security header with max-age of at least 1 year
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
90 domains
liquidsend.com
*.liquidsend.com
*.app.liquidsend.com
*.ww38.liquidsend.com
44414.me
*.44414.me
49305.app
*.49305.app
*.www.49305.app
*.462sm.ar35.top
ar35.top
*.ar35.top
*.d97bc.ar35.top
*.f38ei.ar35.top
*.g26ql.ar35.top
*.isn2e.ar35.top
*.kixgq.ar35.top
*.slf9j.ar35.top
*.toodo.ar35.top
*.zrh6v.ar35.top
armoireupsculpte.com
*.armoireupsculpte.com
bet335com.live
*.bet335com.live
boilingfruit.com
*.boilingfruit.com
br-airconditioners-91794c6a.sbs
*.br-airconditioners-91794c6a.sbs
brushcolors.click
*.brushcolors.click
brushthoughts.com
*.brushthoughts.com
brushvibe.digital
*.brushvibe.digital
bubarrierefrei.com
*.bubarrierefrei.com
clearchoicecareers.live
*.clearchoicecareers.live
connectivist.net
*.connectivist.net
cryacoghang.com
*.cryacoghang.com
etcqak.vip
*.etcqak.vip
etcqau.vip
*.etcqau.vip
*.9.gs1ir.org
*.ets.gs1ir.org
*.event.gs1ir.org
gs1ir.org
*.gs1ir.org
*.learning.gs1ir.org
*.portal.gs1ir.org
*.traceability.gs1ir.org
juoksumies.com
*.juoksumies.com
kidzworld.co
*.kidzworld.co
kkpboyysdqi.cc
*.kkpboyysdqi.cc
laptops-br.sbs
*.laptops-br.sbs
likesourcing.com
*.likesourcing.com
*.app.liquidmessages.com
*.backend.liquidmessages.com
*.bi-qa.liquidmessages.com
*.demo.liquidmessages.com
liquidmessages.com
*.liquidmessages.com
*.nlyte.liquidmessages.com
*.pipeline-development.liquidmessages.com
lmkce.gdn
*.lmkce.gdn
lnproofitss.click
*.lnproofitss.click
lovewear.io
*.lovewear.io
massages-pirates-631.sbs
*.massages-pirates-631.sbs
moralis.co
*.moralis.co
paintfuturistic.digital
*.paintfuturistic.digital
pn53.cc
*.pn53.cc
pocheonu21bet.biz
*.pocheonu21bet.biz
tflkce.cyou
*.tflkce.cyou
Other domains in certificate