Open
Cached
·
just now
76/100
SECURITY SCORE
Detected Technologies
Certificate Information
Subject
CN=onlinecounseling.in
Issuer
C=US, O=Let's Encrypt, CN=R13
Valid From
April 11, 2026
Valid Until
July 10, 2026
89 days
Public Key
RSA
4096 bit
Strong
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
B7:95:F7:73:A4:10:1F:A3:27:9F:14:D3:11:63:74:69:8E:18:57:7B:95:1A:59:74:8D:E4:03:F0:69:E0:83:52
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Add Strict-Transport-Security header with max-age of at least 1 year
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
90 domains
ptah.sh
*.ptah.sh
*.ctl.ptah.sh
*.r.ptah.sh
*.stories.ptah.sh
*.123.7up.org
*.4ekk9w0njmm.7up.org
7up.org
*.7up.org
*.h-3.7up.org
*.hctzw6og.7up.org
*.mail.7up.org
*.ra.7up.org
*.ww38.7up.org
*.3nxyc.92dclls.top
92dclls.top
*.92dclls.top
aecarandalucia.org
*.aecarandalucia.org
alpha-health.com
*.alpha-health.com
*.owa.alpha-health.com
belleoftopsail.com
*.belleoftopsail.com
*.dns.belleoftopsail.com
bradescoresgate.online
*.bradescoresgate.online
*.domains.bradescoresgate.online
bstc2023.com
*.bstc2023.com
clarionworld.com
*.clarionworld.com
*.owa.clarionworld.com
*.www.clarionworld.com
deficasino.co
*.deficasino.co
*.wildcard.deficasino.co
*.www.deficasino.co
dingyijie.space
*.dingyijie.space
*.study.dingyijie.space
*.ww25.dingyijie.space
estudiandopsicologia.info
*.estudiandopsicologia.info
*.ww25.estudiandopsicologia.info
*.www.estudiandopsicologia.info
flagmancasino-artfor2.com
*.flagmancasino-artfor2.com
fruits-sorbetti.com
*.fruits-sorbetti.com
glorysbakery.com
*.glorysbakery.com
goshensalon.com
*.goshensalon.com
karensunicorn.com
*.karensunicorn.com
kieferuniforms.com
*.kieferuniforms.com
kirmizicicek2.pro
*.kirmizicicek2.pro
*.proww38.kirmizicicek2.pro
*.hostmaster.loveastrologer.in
loveastrologer.in
*.loveastrologer.in
omarcheats.com
*.omarcheats.com
*.ww25.omarcheats.com
*.ftp.onlinecounseling.in
*.in.onlinecounseling.in
onlinecounseling.in
*.onlinecounseling.in
*.www.onlinecounseling.in
*.online.professionalproject.it
professionalproject.it
*.professionalproject.it
*.admin.saobet.site
*.ch.saobet.site
*.gvqhiww38.saobet.site
*.lvoiysandbox.saobet.site
*.mta-sts.saobet.site
saobet.site
*.saobet.site
*.wap.saobet.site
*.ww38.saobet.site
*.send.triotco.com
triotco.com
*.triotco.com
*.api.zik88.ag
zik88.ag
*.zik88.ag
Other domains in certificate