Open
Cached
·
just now
76/100
SECURITY SCORE
Detected Technologies
Certificate Information
Subject
CN=onixse.co
Issuer
C=US, O=Let's Encrypt, CN=R12
Valid From
January 15, 2026
Valid Until
April 15, 2026
56 days
Public Key
RSA
4096 bit
Strong
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
07:D0:0C:40:BC:91:C6:66:BA:63:CE:AB:7A:B9:CD:D8:BB:03:1D:DA:8B:7C:DF:AC:15:C9:3E:B6:62:6D:32:7D
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Add Strict-Transport-Security header with max-age of at least 1 year
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
89 domains
statdetox.com
*.statdetox.com
*.cpanel.statdetox.com
*.crm.statdetox.com
*.dev.statdetox.com
*.test.statdetox.com
apricot.site
*.apricot.site
*.ww12.apricot.site
bestthinks.com
*.bestthinks.com
*.com.bestthinks.com
gayporno.com.au
*.gayporno.com.au
*.ww16.gayporno.com.au
*.ww25.gayporno.com.au
*.firewall.globaling.io
globaling.io
*.globaling.io
*.mail.globaling.io
knruhs.co
*.knruhs.co
lcdlin.co
*.lcdlin.co
lunabet886.com
*.lunabet886.com
*.pay.lunabet886.com
*.sports2.lunabet886.com
*.backup.menedek.com
*.blog.menedek.com
*.crm.menedek.com
*.demo.menedek.com
*.forum.menedek.com
*.forums.menedek.com
*.hostmaster.menedek.com
menedek.com
*.menedek.com
*.ww11.menedek.com
*.ww16.menedek.com
*.ww17.menedek.com
*.ww25.menedek.com
*.ww38.menedek.com
onixse.co
*.onixse.co
parissaint.com
*.parissaint.com
*.ww38.parissaint.com
sadmansazzad.com
*.sadmansazzad.com
*.hair-salon.samplewebsites.com.au
*.hotel.samplewebsites.com.au
*.restaurant.samplewebsites.com.au
samplewebsites.com.au
*.samplewebsites.com.au
*.ww11.samplewebsites.com.au
*.ww25.samplewebsites.com.au
*.ww38.samplewebsites.com.au
*.www.samplewebsites.com.au
sushiparkonsunset.com
*.sushiparkonsunset.com
*.ww16.sushiparkonsunset.com
*.www.sushiparkonsunset.com
*.mobile.testguestionsandanswers.com
*.random.testguestionsandanswers.com
testguestionsandanswers.com
*.testguestionsandanswers.com
vombatpages.com
*.vombatpages.com
*.ww25.vombatpages.com
*.apps.wampiry.com
*.art.wampiry.com
*.director.wampiry.com
*.images.wampiry.com
*.img.wampiry.com
*.jocuri.wampiry.com
*.katalog.wampiry.com
*.krwionosny.wampiry.com
*.office.wampiry.com
*.random.wampiry.com
*.search.wampiry.com
*.test.wampiry.com
*.video.wampiry.com
wampiry.com
*.wampiry.com
*.ww17.wampiry.com
*.zabawa.wampiry.com
*.wildcard.xmoblieusa.com
xmoblieusa.com
*.xmoblieusa.com
Other domains in certificate