Open
Cached
·
just now
76/100
SECURITY SCORE
Detected Technologies
Certificate Information
Subject
CN=knaj.xyz
Issuer
C=US, O=Let's Encrypt, CN=R12
Valid From
February 07, 2026
Valid Until
May 08, 2026
71 days
Public Key
RSA
4096 bit
Strong
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
09:42:89:EF:45:6F:2A:EB:2B:75:46:DF:7B:3C:44:45:5D:27:56:5B:D5:C7:50:BA:20:84:DA:FC:45:4A:5D:8C
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Add Strict-Transport-Security header with max-age of at least 1 year
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
89 domains
alpha1906.net
*.alpha1906.net
1ilcnon.cc
*.1ilcnon.cc
*.h.1ilcnon.cc
adidaswomennyc.com
*.adidaswomennyc.com
*.m.adidaswomennyc.com
aparmets.com
*.aparmets.com
*.events.aparmets.com
*.mx.aparmets.com
*.mx3.aparmets.com
*.pipeline.aparmets.com
*.ww16.aparmets.com
avble.tv
*.avble.tv
*.en.avble.tv
*.jp.avble.tv
beqiv.click
*.beqiv.click
binksforestgc.com
*.binksforestgc.com
*.webmail.binksforestgc.com
*.ww25.binksforestgc.com
bocoran-rtp-slot.space
*.bocoran-rtp-slot.space
*.random.somersetbay.com.my
somersetbay.com.my
*.somersetbay.com.my
cs-116.site
*.cs-116.site
*.bk.fastestlink.online
fastestlink.online
*.fastestlink.online
*.ww16.fastestlink.online
*.ww38.fastestlink.online
freecnam.com
*.freecnam.com
*.ww25.freecnam.com
idealmedica.life
*.idealmedica.life
*.ns2.idealmedica.life
journeyintobliss.com.au
*.journeyintobliss.com.au
*.com.knaj.xyz
*.gov.knaj.xyz
knaj.xyz
*.knaj.xyz
*.tybzek.knaj.xyz
naak.shop
*.naak.shop
nataly.life
*.nataly.life
ns1abovedomains.com
*.ns1abovedomains.com
oilfilters.net.au
*.oilfilters.net.au
*.ww25.oilfilters.net.au
*.admin.radiolife.online
*.ap.radiolife.online
*.app.radiolife.online
*.dc-92e8809587c1.radiolife.online
*.dev.radiolife.online
*.home.radiolife.online
*.m.radiolife.online
*.mail.radiolife.online
*.mobile.radiolife.online
radiolife.online
*.radiolife.online
*.wap.radiolife.online
*.web.radiolife.online
rajambs5.com
*.rajambs5.com
shotom.online
*.shotom.online
*.cpcontacts.sportslives24.online
*.hd.sportslives24.online
sportslives24.online
*.sportslives24.online
*.tv.sportslives24.online
*.m.xbw84.net
*.wwww.xbw84.net
xbw84.net
*.xbw84.net
*.m.yy4480.pro
*.vwo.yy4480.pro
yy4480.pro
*.yy4480.pro
Other domains in certificate