Open
Cached
·
just now
76/100
SECURITY SCORE
Detected Technologies
Certificate Information
Subject
CN=9502.win
Issuer
C=US, O=Let's Encrypt, CN=R13
Valid From
May 11, 2026
Valid Until
August 09, 2026
57 days
Public Key
RSA
4096 bit
Strong
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
B2:92:21:F8:58:80:80:5F:8E:12:4E:6E:F6:11:03:A9:1A:91:D8:48:77:13:06:F2:A9:47:18:23:22:CF:52:46
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Add Strict-Transport-Security header with max-age of at least 1 year
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
90 domains
brushworkshop.click
*.brushworkshop.click
70627.pro
*.70627.pro
711533.lol
*.711533.lol
729irwin.info
*.729irwin.info
*.a.729irwin.info
*.docs.729irwin.info
*.external.729irwin.info
*.fh0rlc.729irwin.info
*.www.729irwin.info
7ao7.top
*.7ao7.top
81089.loan
*.81089.loan
823369.blog
*.823369.blog
833058.loan
*.833058.loan
83455808.top
*.83455808.top
84855.lgbt
*.84855.lgbt
852297.lgbt
*.852297.lgbt
86269.org
*.86269.org
86299.mobi
*.86299.mobi
86zt.cc
*.86zt.cc
92051.my
*.92051.my
93657265.top
*.93657265.top
9502.win
*.9502.win
97587.asia
*.97587.asia
9animetv.media
*.9animetv.media
9e0daeba64dbb894.com
*.9e0daeba64dbb894.com
accountzone.world
*.accountzone.world
aiz6guvcfeb0.cc
*.aiz6guvcfeb0.cc
app-cetius.zone
*.app-cetius.zone
artcanvas.digital
*.artcanvas.digital
artvisualinstall.click
*.artvisualinstall.click
*.2xdudm.autoforms.dev
*.admin.autoforms.dev
*.api.autoforms.dev
*.app.autoforms.dev
autoforms.dev
*.autoforms.dev
*.bot.autoforms.dev
*.dev.autoforms.dev
*.m.autoforms.dev
*.members.autoforms.dev
*.test.autoforms.dev
*.tsbamxir.autoforms.dev
*.yqoiiapp.autoforms.dev
boiled-fish.com
*.boiled-fish.com
boldartwork.com
*.boldartwork.com
*.rx26jr.boldartwork.com
boss987.click
*.boss987.click
brushlightwave.click
*.brushlightwave.click
brushxpressions.com
*.brushxpressions.com
business-credit-cards-zfi5.click
*.business-credit-cards-zfi5.click
cameronelementary.com
*.cameronelementary.com
canvasart.digital
*.canvasart.digital
*.webmail.canvasart.digital
casinobanzai.net
*.casinobanzai.net
casinoenergy.net
*.casinoenergy.net
Other domains in certificate