Open
Cached
·
just now
76/100
SECURITY SCORE
Detected Technologies
Certificate Information
Subject
CN=021xdo.top
Issuer
C=US, O=Let's Encrypt, CN=YR2
Valid From
June 03, 2026
Valid Until
September 01, 2026
69 days
Public Key
RSA
4096 bit
Strong
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
F2:21:B5:C0:CB:A4:DB:BE:4B:4A:E8:60:0E:C2:FF:1D:7C:57:D3:18:0C:75:BC:52:D6:A3:72:68:1F:15:BE:AE
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Add Strict-Transport-Security header with max-age of at least 1 year
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
88 domains
beatsavior.io
*.beatsavior.io
*.analytics2.beatsavior.io
*.mail.beatsavior.io
*.pop3.beatsavior.io
*.ww12.beatsavior.io
021xdo.top
*.021xdo.top
73180.my
*.73180.my
77777766.xyz
*.77777766.xyz
7lottary.xyz
*.7lottary.xyz
882376.my
*.882376.my
88252.my
*.88252.my
968882jj.cc
*.968882jj.cc
9965y.co
*.9965y.co
apartments-for-seniors-wp-1231.sbs
*.apartments-for-seniors-wp-1231.sbs
approveitmail.com
*.approveitmail.com
augmentedphysician.com
*.augmentedphysician.com
bancaweb.click
*.bancaweb.click
bgd7z2beq.world
*.bgd7z2beq.world
freshbubbles.com
*.freshbubbles.com
fuli24.live
*.fuli24.live
funiturerow.com
*.funiturerow.com
funlaxy.mom
*.funlaxy.mom
goskytabsystem.com
*.goskytabsystem.com
gshmn3.xyz
*.gshmn3.xyz
hihachat.net
*.hihachat.net
hyc00363.cc
*.hyc00363.cc
i7pppagbnqaqh.cc
*.i7pppagbnqaqh.cc
jonv.mobi
*.jonv.mobi
machinerykit.com
*.machinerykit.com
maci06.cc
*.maci06.cc
mngdiprs.xyz
*.mngdiprs.xyz
newyorksafertycouncil.com
*.newyorksafertycouncil.com
*.qa.newyorksafertycouncil.com
*.visualization.newyorksafertycouncil.com
nychomeschool.com
*.nychomeschool.com
p-rwa.com
*.p-rwa.com
picstrix.shop
*.picstrix.shop
publishinginjesusname.com
*.publishinginjesusname.com
pukul69aai.xyz
*.pukul69aai.xyz
saludintima.com
*.saludintima.com
thecrtz.xyz
*.thecrtz.xyz
timsimdep.com
*.timsimdep.com
vqlpej.my
*.vqlpej.my
webfooter.com
*.webfooter.com
zgiw.info
*.zgiw.info
zsjjz.my
*.zsjjz.my
zutzk.my
*.zutzk.my
Other domains in certificate