Open
Cached
·
just now
76/100
SECURITY SCORE
Detected Technologies
Certificate Information
Subject
CN=268477.cc
Issuer
C=US, O=Let's Encrypt, CN=R12
Valid From
February 01, 2026
Valid Until
May 02, 2026
76 days
Public Key
RSA
4096 bit
Strong
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
02:84:44:3E:76:B6:17:47:76:A0:CD:CC:30:B0:90:D4:D9:04:B9:20:8B:D1:F9:95:E3:DA:FE:49:9B:64:48:F2
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Missing
Not configured
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Add Strict-Transport-Security header with max-age of at least 1 year
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
88 domains
badger.shop
*.badger.shop
100grab.com
*.100grab.com
268477.cc
*.268477.cc
3338.vg
*.3338.vg
67804.locker
*.67804.locker
aiselfdriver.com
*.aiselfdriver.com
akmvp.academy
*.akmvp.academy
bd54.top
*.bd54.top
bitcoins.net.au
*.bitcoins.net.au
blocq.co
*.blocq.co
bossbet88.cfd
*.bossbet88.cfd
chargipay.io
*.chargipay.io
chieffunnelofficer.com
*.chieffunnelofficer.com
ciki.org
*.ciki.org
comarketing.com.au
*.comarketing.com.au
cursodemusica.com
*.cursodemusica.com
ecy.tw
*.ecy.tw
ezpostings.com
*.ezpostings.com
formosaruby.com
*.formosaruby.com
fz521.cn
*.fz521.cn
genesisketo.com
*.genesisketo.com
gesture.au
*.gesture.au
globalconquests.com
*.globalconquests.com
home-page.net
*.home-page.net
homemade.porn
*.homemade.porn
humanpotential.com.au
*.humanpotential.com.au
invisibledentalaligners415713.icu
*.invisibledentalaligners415713.icu
iseeindia2.com
*.iseeindia2.com
iwantwhatiwant.org
*.iwantwhatiwant.org
kansasflights.com
*.kansasflights.com
laseroptics.shop
*.laseroptics.shop
latestfeed.org
*.latestfeed.org
lightseed.co
*.lightseed.co
lyssapebble.com
*.lyssapebble.com
murallas.com
*.murallas.com
outdoorlighting525121.icu
*.outdoorlighting525121.icu
physicalworlds.com
*.physicalworlds.com
stayvalues.com
*.stayvalues.com
strawi.com
*.strawi.com
tchxw.net
*.tchxw.net
totem.earth
*.totem.earth
woodflooring771934.icu
*.woodflooring771934.icu
xn--v3cdi1a4bc.com
*.xn--v3cdi1a4bc.com
zinkmovies.work
*.zinkmovies.work
Other domains in certificate