Open
Cached
·
6h ago
76/100
SECURITY SCORE
Detected Technologies
Certificate Information
Subject
CN=citro.bio
Issuer
C=US, O=Let's Encrypt, CN=R13
Valid From
May 20, 2026
Valid Until
August 18, 2026
73 days
Public Key
RSA
4096 bit
Strong
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
6B:21:FF:5E:3F:50:6A:A8:76:A1:0F:AE:F0:80:3F:DE:88:5D:BE:A3:1A:8B:74:C3:A4:87:32:6F:F5:DD:F9:44
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Add Strict-Transport-Security header with max-age of at least 1 year
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
90 domains
bowz.info
*.bowz.info
*.cpanel.bowz.info
*.dev.bowz.info
*.kok.bowz.info
*.ms.bowz.info
*.nazo.bowz.info
*.ww38.bowz.info
30053.co
*.30053.co
*.admin.agenkoin138.net
agenkoin138.net
*.agenkoin138.net
*.dev.agenkoin138.net
*.hostmaster.agenkoin138.net
*.remote.agenkoin138.net
*.sitemap.agenkoin138.net
*.www.agenkoin138.net
*.api.bank138.net
*.app.bank138.net
bank138.net
*.bank138.net
*.demo.bank138.net
*.hostmaster.bank138.net
*.ibercaja.bank138.net
bookofsparkle.com
*.bookofsparkle.com
*.m.bookofsparkle.com
*.sitemap.bookofsparkle.com
*.sitemaps.bookofsparkle.com
*.www.bookofsparkle.com
citro.bio
*.citro.bio
*.ginge.citro.bio
*.admin.fxedge.io
*.api.fxedge.io
*.assets.fxedge.io
*.dashboard.fxedge.io
*.demo.fxedge.io
fxedge.io
*.fxedge.io
*.kkrpzassets.fxedge.io
*.panel.fxedge.io
*.www.fxedge.io
*.beta.lovehop.com
*.crm.lovehop.com
lovehop.com
*.lovehop.com
*.wiki.lovehop.com
*.ww25.lovehop.com
*.ww38.lovehop.com
*.bmail.nrpfw.cn
*.m.nrpfw.cn
*.mail.nrpfw.cn
nrpfw.cn
*.nrpfw.cn
*.rumj.nrpfw.cn
*.share.nrpfw.cn
*.webmail.nrpfw.cn
*.wwww.nrpfw.cn
poemcenter.com
*.poemcenter.com
*.rustore.poemcenter.com
*.wiki.poemcenter.com
*.ww38.poemcenter.com
*.backup.pricelessreservations.com
*.com.pricelessreservations.com
*.owa.pricelessreservations.com
pricelessreservations.com
*.pricelessreservations.com
*.ssl.pricelessreservations.com
*.web.pricelessreservations.com
televisionmuseum.com
*.televisionmuseum.com
*.ww16.televisionmuseum.com
*.mail.unitarny.org
*.media.unitarny.org
*.pop.unitarny.org
*.staging.unitarny.org
unitarny.org
*.unitarny.org
*.ww2.unitarny.org
*.wwww.unitarny.org
wastewatches.com
*.wastewatches.com
*.www.wastewatches.com
*.store.xn--5dbdd1ffb.com
*.test.xn--5dbdd1ffb.com
xn--5dbdd1ffb.com
*.xn--5dbdd1ffb.com
Other domains in certificate