Open
Cached
·
just now
76/100
SECURITY SCORE
Detected Technologies
Certificate Information
Subject
CN=72299.blog
Issuer
C=US, O=Let's Encrypt, CN=R12
Valid From
April 16, 2026
Valid Until
July 15, 2026
53 days
Public Key
RSA
4096 bit
Strong
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
1D:DA:01:48:39:C9:F0:77:84:0C:BB:B5:37:4B:FC:20:83:B8:5D:F2:B6:68:37:DC:CA:CD:E8:22:E6:28:B0:0B
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Add Strict-Transport-Security header with max-age of at least 1 year
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
90 domains
galacticancestry.art
*.galacticancestry.art
72299.blog
*.72299.blog
dong-sheng.com
*.dong-sheng.com
drgwayne.com
*.drgwayne.com
expeditionessentials.xyz
*.expeditionessentials.xyz
francisfitzpatrick.art
*.francisfitzpatrick.art
*.comune.franport.com
franport.com
*.franport.com
gummzing.us
*.gummzing.us
heysecrets.com
*.heysecrets.com
hyperlink.lol
*.hyperlink.lol
integrityvacation.live
*.integrityvacation.live
intelligentagent.info
*.intelligentagent.info
kcw1277.cc
*.kcw1277.cc
ke6917.cc
*.ke6917.cc
klawaccidentattorneys.cfd
*.klawaccidentattorneys.cfd
metricsun.com
*.metricsun.com
murdjajo.art
*.murdjajo.art
mvpagentic.com
*.mvpagentic.com
mythoagentic.com
*.mythoagentic.com
naifeila.art
*.naifeila.art
neworleansthrive.com
*.neworleansthrive.com
news-api-gen.lol
*.news-api-gen.lol
nnstars.club
*.nnstars.club
nupro-us.com
*.nupro-us.com
olqmyd.work
*.olqmyd.work
outxyz.art
*.outxyz.art
pastlifeportrait.art
*.pastlifeportrait.art
*.reporting.pastlifeportrait.art
portraits.city
*.portraits.city
*.sharepoint.portraits.city
promptscout.xyz
*.promptscout.xyz
realfood.io
*.realfood.io
safetrax.app
*.safetrax.app
*.mx0.saudisportscompany.art
saudisportscompany.art
*.saudisportscompany.art
southampton-canary-island-cruise-package-uk.sbs
*.southampton-canary-island-cruise-package-uk.sbs
stonemedicine.art
*.stonemedicine.art
streamzilla.xyz
*.streamzilla.xyz
take-2derepssion-test.sbs
*.take-2derepssion-test.sbs
*.mx.talons.ventures
talons.ventures
*.talons.ventures
theamarshop.com
*.theamarshop.com
*.integration.thehappymedium.art
thehappymedium.art
*.thehappymedium.art
thesimpleboutique.com
*.thesimpleboutique.com
yltt3.my
*.yltt3.my
zenitgame.it.com
*.zenitgame.it.com
Other domains in certificate