DNS Gurus
Cached · just now
76/100 SECURITY SCORE

Detected Technologies

See all in URL Inspect 1
Let's Encrypt logo Let's Encrypt

Certificate Information

Subject
CN=paintmovements.digital
Issuer
C=US, O=Let's Encrypt, CN=R13
Valid From
May 20, 2026
Valid Until
August 18, 2026 77 days
Public Key
RSA 4096 bit Strong
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
BD:9B:CC:2A:16:27:05:4D:BB:CC:BE:96:0F:81:05:92:DF:7C:22:19:A1:8F:66:3F:FE:F4:F3:BF:5A:DB:2B:EA
Alternative Names
90 domains

Security Configuration

TLS Protocols
TLS 1.2 TLS 1.3
Forward Secrecy
Supported (Modern clients use PFS)

HTTP Security Headers

Status
Strict-Transport-Security
Missing
Not configured
Content-Security-Policy
Missing
Not configured Analyze
Content-Security-Policy-Report-Only
Missing
Not configured Analyze
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
  • Add Strict-Transport-Security header with max-age of at least 1 year
  • Add Content-Security-Policy header to prevent XSS attacks
  • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
  • Add X-Content-Type-Options: nosniff
  • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
  • Consider adding Permissions-Policy to control browser features

CAA Records (Certificate Authority Authorization)

CAA Records
Not Configured (Any CA can issue certificates)
CAA Issues
  • No CAA records configured - any CA can issue certificates
Recommendations
  • Implement CAA records to restrict which CAs can issue certificates for your domain
  • This adds an extra layer of security against unauthorized certificate issuance
  • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
  • Consider adding 'iodef' record to receive security incident reports

Subject Alternative Names

90 domains
beyif.com *.beyif.com

Other domains in certificate

27170.one *.27170.one
35446.my *.35446.my
36786.vip *.36786.vip
397676.my *.397676.my
3sd9.cc *.3sd9.cc
52001.loan *.52001.loan
61195.blog *.61195.blog
77193.one *.77193.one
85744.my *.85744.my
86304.lgbt *.86304.lgbt
963456.cc *.963456.cc
971052.me *.971052.me
agj5j.cc *.agj5j.cc
autumn21.top *.autumn21.top
basilidianism.com *.basilidianism.com
betflik889.vip *.betflik889.vip *.dev.betflik889.vip
bqmnm.gdn *.bqmnm.gdn
cec6.com *.cec6.com
derek.cc *.derek.cc
dresner31.live *.dresner31.live
favbetcasino-ro.com *.favbetcasino-ro.com
fesov.com *.fesov.com
getengagelocal.com *.getengagelocal.com
gnrtor-0.sbs *.gnrtor-0.sbs
gratulations.top *.gratulations.top
hy41637.cc *.hy41637.cc
*.adfs.max-jeans.com *.anywhere.max-jeans.com *.apps.max-jeans.com *.bcfremote.max-jeans.com *.cerberhub.max-jeans.com *.citrix.max-jeans.com *.desktop.max-jeans.com *.email.max-jeans.com *.ent.max-jeans.com *.fax.max-jeans.com *.files.max-jeans.com *.ftp.max-jeans.com *.hq.max-jeans.com *.mail.max-jeans.com max-jeans.com *.max-jeans.com *.myapps.max-jeans.com *.ofinovardweb.max-jeans.com *.rds.max-jeans.com *.remote.max-jeans.com *.smtp.max-jeans.com *.ssl.max-jeans.com *.webmail.max-jeans.com
*.megamarket.paintmovements.digital *.p0ff59.paintmovements.digital paintmovements.digital *.paintmovements.digital
uefacup.org *.uefacup.org
*.362479e0-9e77-4949-a4a8-975f3b05c287.xui3.org *.dev.xui3.org *.members.xui3.org *.mme958.xui3.org xui3.org *.xui3.org