Open
Cached
·
just now
76/100
SECURITY SCORE
Detected Technologies
Certificate Information
Subject
CN=zhimaxi.com
Issuer
C=US, O=Let's Encrypt, CN=R13
Valid From
January 01, 2026
Valid Until
April 01, 2026
40 days
Public Key
RSA
4096 bit
Strong
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
CC:21:25:91:F5:3E:69:A0:26:99:72:50:89:06:CE:57:04:F8:6C:CA:5B:B0:78:13:D8:C8:DB:AF:1D:C1:72:24
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Add Strict-Transport-Security header with max-age of at least 1 year
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
90 domains
celinepg.com
*.celinepg.com
*.ww25.celinepg.com
*.www.celinepg.com
249autoparts.com
*.249autoparts.com
*.bumper.249autoparts.com
*.compressor.249autoparts.com
*.engine.249autoparts.com
*.transmission.249autoparts.com
*.wildcard.249autoparts.com
*.ww25.249autoparts.com
akane-banashi.online
*.akane-banashi.online
*.hm.akane-banashi.online
*.ww16.akane-banashi.online
cvctv.info
*.cvctv.info
*.ww.cvctv.info
*.ww38.cvctv.info
ddmerchandise.com
*.ddmerchandise.com
*.ww16.ddmerchandise.com
*.ww38.ddmerchandise.com
flashacore.mobi
*.flashacore.mobi
*.ww38.flashacore.mobi
lacasitamexicanrestaurantlv.com
*.lacasitamexicanrestaurantlv.com
*.ww38.lacasitamexicanrestaurantlv.com
*.crm.laserskincenternorthport.com
*.gitlab.laserskincenternorthport.com
laserskincenternorthport.com
*.laserskincenternorthport.com
*.lime.laserskincenternorthport.com
*.sitemaps.laserskincenternorthport.com
oficialrosaamazonica.store
*.oficialrosaamazonica.store
*.ww25.oficialrosaamazonica.store
*.ww38.oficialrosaamazonica.store
orchidoven.xyz
*.orchidoven.xyz
*.ww25.orchidoven.xyz
*.hostmaster.pleerwq.club
*.media.pleerwq.club
*.media11.pleerwq.club
*.media12.pleerwq.club
*.media13.pleerwq.club
*.media14.pleerwq.club
*.media15.pleerwq.club
*.media8.pleerwq.club
pleerwq.club
*.pleerwq.club
*.mta-sts.polit-kompass.de
polit-kompass.de
*.polit-kompass.de
*.www2.polit-kompass.de
*.www3.polit-kompass.de
*.www4.polit-kompass.de
*.isus.rstheory.org
*.larson.rstheory.org
*.library.rstheory.org
rstheory.org
*.rstheory.org
*.store.rstheory.org
thermotoday.com
*.thermotoday.com
*.sitemap.toldosbaratos.info
toldosbaratos.info
*.toldosbaratos.info
*.ww25.toldosbaratos.info
*.home.xrtamath.org
*.ww38.xrtamath.org
xrtamath.org
*.xrtamath.org
*.crm.zale-media.com
zale-media.com
*.zale-media.com
*.api.zhimaxi.com
*.app.zhimaxi.com
*.backend.zhimaxi.com
*.bbs.zhimaxi.com
*.demo.zhimaxi.com
*.dev.zhimaxi.com
*.random.zhimaxi.com
*.staging.zhimaxi.com
*.ww12.zhimaxi.com
*.www.zhimaxi.com
zhimaxi.com
*.zhimaxi.com
Other domains in certificate