Open
Cached
·
just now
76/100
SECURITY SCORE
Detected Technologies
Certificate Information
Subject
CN=66095.loan
Issuer
C=US, O=Let's Encrypt, CN=YR1
Valid From
June 18, 2026
Valid Until
September 16, 2026
85 days
Public Key
RSA
4096 bit
Strong
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
AB:33:54:C7:E7:C7:62:D2:5E:35:06:16:EA:2A:AB:C7:69:03:EB:BE:E1:85:03:0C:DD:F4:29:02:E7:CE:50:1C
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Add Strict-Transport-Security header with max-age of at least 1 year
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
90 domains
ozenda.com
*.ozenda.com
06721.one
*.06721.one
123456.ooo
*.123456.ooo
383518.cn
*.383518.cn
646ph.xyz
*.646ph.xyz
66095.loan
*.66095.loan
75728.luxe
*.75728.luxe
80808.ooo
*.80808.ooo
86451.loan
*.86451.loan
933028.lol
*.933028.lol
ademnaturalsprovadent.com
*.ademnaturalsprovadent.com
alta.top
*.alta.top
ameresearch.com
*.ameresearch.com
blushive.com
*.blushive.com
brrasiloja.com
*.brrasiloja.com
censored.cc
*.censored.cc
cobrabrand.icu
*.cobrabrand.icu
correctsound.com
*.correctsound.com
digitaleheimat-mentoring.com
*.digitaleheimat-mentoring.com
digitalexperience.in
*.digitalexperience.in
domesticrobo.com
*.domesticrobo.com
exammastersnepal.com
*.exammastersnepal.com
familyfightnight.com
*.familyfightnight.com
familyyogacenter.com
*.familyyogacenter.com
file34host131.xyz
*.file34host131.xyz
keratosis.net
*.keratosis.net
liksanos-pl.xyz
*.liksanos-pl.xyz
media-start-events.top
*.media-start-events.top
melbet-slots.xyz
*.melbet-slots.xyz
paneakeswap.eu.com
*.paneakeswap.eu.com
perappointmenthub.top
*.perappointmenthub.top
qderk.app
*.qderk.app
rongxunda.com
*.rongxunda.com
rs10692.cc
*.rs10692.cc
sastogharjaggarealestate.com
*.sastogharjaggarealestate.com
stephenavenue.net
*.stephenavenue.net
studeoresultsmedia.com
*.studeoresultsmedia.com
successthebusiness360method.com
*.successthebusiness360method.com
ujvrj.gdn
*.ujvrj.gdn
volcano-mail.com
*.volcano-mail.com
watchbark.com
*.watchbark.com
wordbank.cc
*.wordbank.cc
xinxin53.net
*.xinxin53.net
yanhh.vip
*.yanhh.vip
yfc00500.cc
*.yfc00500.cc
Other domains in certificate