Open
Cached
·
just now
76/100
SECURITY SCORE
Certificate Information
Subject
CN=blist.io
Issuer
C=US, O=Let's Encrypt, CN=R12
Valid From
January 26, 2026
Valid Until
April 26, 2026
74 days
Public Key
RSA
4096 bit
Strong
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
A0:D2:65:76:04:CD:AF:20:F8:C5:1F:84:8F:DB:7D:18:22:A5:ED:9F:C3:85:96:9B:19:C4:41:BF:C4:B3:B6:C5
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Missing
Not configured
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Add Strict-Transport-Security header with max-age of at least 1 year
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
90 domains
aouvrz.com
*.aouvrz.com
*.acquire.aouvrz.com
*.briefly.aouvrz.com
*.bunch.aouvrz.com
*.campus.aouvrz.com
*.hyx3z.aouvrz.com
*.hyxvz.aouvrz.com
*.hyxvz2.aouvrz.com
*.hyxyz1.aouvrz.com
*.hyxyz2.aouvrz.com
*.hyxyz3.aouvrz.com
*.hyxyz4.aouvrz.com
*.hyydz2.aouvrz.com
*.hyyez2.aouvrz.com
*.hyyez4.aouvrz.com
*.hyyfz1.aouvrz.com
*.hyyfz2.aouvrz.com
*.hyygz1.aouvrz.com
*.hyyjz4.aouvrz.com
*.hyykz2.aouvrz.com
*.hyyrz2.aouvrz.com
*.m.aouvrz.com
*.users.aouvrz.com
*.ww25.aouvrz.com
blist.io
*.blist.io
*.ww25.blist.io
boatcharters.uk
*.boatcharters.uk
*.old.boatcharters.uk
*.shop.boatcharters.uk
computertechnician.au
*.computertechnician.au
*.random.computertechnician.au
*.wildcard.computertechnician.au
*.alidns.cpress.com
*.baidu.cpress.com
*.boibd.cpress.com
cpress.com
*.cpress.com
*.dingtalk.cpress.com
*.douyinliving.cpress.com
*.googlevideo.cpress.com
*.ia.cpress.com
*.ipcom.cpress.com
*.mail.cpress.com
*.mmstat.cpress.com
*.play.cpress.com
*.toutiaoapi.cpress.com
*.upennpress.cpress.com
*.wordpress.cpress.com
creditcardfinance.com
*.creditcardfinance.com
*.demand.creditcardfinance.com
*.wildcard.creditcardfinance.com
*.ww25.creditcardfinance.com
*.ww38.creditcardfinance.com
doorsforsale.com.au
*.doorsforsale.com.au
*.wildcard.doorsforsale.com.au
eastendfullgospel.com
*.eastendfullgospel.com
*.mail2.eastendfullgospel.com
*.rq9z.eastendfullgospel.com
fatcoach.au
*.fatcoach.au
*.random.fatcoach.au
*.wildcard.fatcoach.au
*.contratpacs.foursaua.info
foursaua.info
*.foursaua.info
*.jcpcomoutlet.foursaua.info
*.ns1.foursaua.info
*.ws.foursaua.info
*.wss.foursaua.info
*.intranet.kissanimerus.com
kissanimerus.com
*.kissanimerus.com
*.shop.kissanimerus.com
*.dl4.mp3.li
*.m.mp3.li
mp3.li
*.mp3.li
*.pr3.mp3.li
*.random.videostore.com.au
videostore.com.au
*.videostore.com.au
*.wildcard.videostore.com.au
*.ww25.videostore.com.au
Other domains in certificate