Open
Cached
·
just now
76/100
SECURITY SCORE
Detected Technologies
Certificate Information
Subject
CN=123tiktok.com
Issuer
C=US, O=Let's Encrypt, CN=YR1
Valid From
June 01, 2026
Valid Until
August 30, 2026
68 days
Public Key
RSA
4096 bit
Strong
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
01:EC:3C:32:F3:C8:7D:69:CD:13:DE:2D:AB:21:AC:3D:E2:2F:6E:18:08:07:F3:0C:4B:B2:22:3D:95:C4:B7:2C
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Add Strict-Transport-Security header with max-age of at least 1 year
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
86 domains
123tiktok.com
*.123tiktok.com
144830.cc
*.144830.cc
4w99.com
*.4w99.com
856959.cc
*.856959.cc
a71bd.com
*.a71bd.com
aixingge.xyz
*.aixingge.xyz
akuzenaiarts.org
*.akuzenaiarts.org
alanjohns.com
*.alanjohns.com
anglevale.homes
*.anglevale.homes
augmentedclassroom.com
*.augmentedclassroom.com
barbados-paradise.com
*.barbados-paradise.com
bejlm.cc
*.bejlm.cc
cepfg.work
*.cepfg.work
cerrajeros.net
*.cerrajeros.net
claim-xrp.live
*.claim-xrp.live
clarithinkhub.info
*.clarithinkhub.info
clearthinkwave.info
*.clearthinkwave.info
daifu.cc
*.daifu.cc
deepdevelopments.com
*.deepdevelopments.com
dewa138spin.vip
*.dewa138spin.vip
dosagardenny.com
*.dosagardenny.com
famousdudes.com
*.famousdudes.com
hgfm.com.cn
*.hgfm.com.cn
impaired.in
*.impaired.in
letspracticeislam.org
*.letspracticeislam.org
lfd54rs8pc.top
*.lfd54rs8pc.top
lmadina.com
*.lmadina.com
menewshub.com
*.menewshub.com
mituantuan.cn
*.mituantuan.cn
n2x.city
*.n2x.city
negroculture.com
*.negroculture.com
ogz4n3ke.xyz
*.ogz4n3ke.xyz
plutoengine.com
*.plutoengine.com
privatizegovernment.org
*.privatizegovernment.org
radiantgardengrowth.xyz
*.radiantgardengrowth.xyz
sepogreen.com
*.sepogreen.com
smartaudioglasses.com
*.smartaudioglasses.com
unicornofwar.com
*.unicornofwar.com
useauthentic.com
*.useauthentic.com
vblockchain.org
*.vblockchain.org
vkv586k.top
*.vkv586k.top
vserdtse.com
*.vserdtse.com
vvho.com
*.vvho.com
Other domains in certificate