Open
Cached
·
just now
76/100
SECURITY SCORE
Detected Technologies
Certificate Information
Subject
CN=applespotlight.com
Issuer
C=US, O=Let's Encrypt, CN=YR2
Valid From
June 06, 2026
Valid Until
September 04, 2026
77 days
Public Key
RSA
4096 bit
Strong
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
27:AC:F7:E9:E3:BE:CC:72:E4:BE:DD:3D:F2:A8:B5:73:4D:17:C4:6D:96:E6:F8:E1:4B:BE:3D:F1:A8:8E:78:B6
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Add Strict-Transport-Security header with max-age of at least 1 year
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
90 domains
applespotlight.com
*.applespotlight.com
auto-insurance-quote-now.sbs
*.auto-insurance-quote-now.sbs
aysnv.work
*.aysnv.work
basari409.bet
*.basari409.bet
basari412.bet
*.basari412.bet
basari427.bet
*.basari427.bet
basari433.bet
*.basari433.bet
basari463.bet
*.basari463.bet
basari472.bet
*.basari472.bet
basari475.bet
*.basari475.bet
basari532.bet
*.basari532.bet
basari538.bet
*.basari538.bet
basari544.bet
*.basari544.bet
basari562.bet
*.basari562.bet
basari574.bet
*.basari574.bet
basari589.bet
*.basari589.bet
dogspicture.com
*.dogspicture.com
gossiphub.live
*.gossiphub.live
gossipnovel.live
*.gossipnovel.live
gz-hexin.cn
*.gz-hexin.cn
iklan4d-online.xyz
*.iklan4d-online.xyz
integrityitinerary.qpon
*.integrityitinerary.qpon
isugardoll.online
*.isugardoll.online
meja77.org
*.meja77.org
nuoptimalens.com
*.nuoptimalens.com
passportoffice.com.au
*.passportoffice.com.au
*.random.passportoffice.com.au
*.ww38.passportoffice.com.au
pharmtotable.shop
*.pharmtotable.shop
pulbahis173.com
*.pulbahis173.com
redstonedefilabs.xyz
*.redstonedefilabs.xyz
reelglow.xyz
*.reelglow.xyz
s57.my
*.s57.my
scentcrusher.shop
*.scentcrusher.shop
securetravelvoyage.live
*.securetravelvoyage.live
sehirbilgi.info
*.sehirbilgi.info
slzag.cc
*.slzag.cc
smarttravelangles.live
*.smarttravelangles.live
strongit.org
*.strongit.org
surefootedtravel.qpon
*.surefootedtravel.qpon
tiaoz16.xyz
*.tiaoz16.xyz
vaultpulse.xyz
*.vaultpulse.xyz
xadde.com
*.xadde.com
xn--muuo22g.com
*.xn--muuo22g.com
yy67.my
*.yy67.my
zbgbet.com
*.zbgbet.com
Other domains in certificate