Open
Cached
·
just now
76/100
SECURITY SCORE
Detected Technologies
Certificate Information
Subject
CN=xpornoit.com
Issuer
C=US, O=Let's Encrypt, CN=R13
Valid From
February 04, 2026
Valid Until
May 05, 2026
74 days
Public Key
RSA
4096 bit
Strong
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
FE:0E:FB:58:8E:35:5A:D5:7B:3F:F8:98:A7:CA:DA:86:1D:05:F5:85:F8:24:FD:89:62:FE:86:C4:5C:61:7D:63
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Add Strict-Transport-Security header with max-age of at least 1 year
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
89 domains
tippitt.com
*.tippitt.com
*.ww11.tippitt.com
*.api.batenhorst.com
batenhorst.com
*.batenhorst.com
boiadeiro.com
*.boiadeiro.com
*.emv1.boiadeiro.com
cang.net
*.cang.net
*.mail.cang.net
*.xiaoshuowawa.cang.net
casabalkan.com
*.casabalkan.com
*.whm.casabalkan.com
citychain-sg-casio.online
*.citychain-sg-casio.online
*.ww16.citychain-sg-casio.online
*.ww25.citychain-sg-casio.online
*.ww38.citychain-sg-casio.online
finagist.site
*.finagist.site
*.ftp.finagist.site
*.mail.finagist.site
*.ww38.finagist.site
*.beta.generalholding.com
*.forum.generalholding.com
generalholding.com
*.generalholding.com
icutu.website
*.icutu.website
isabelmarantnorge.net
*.isabelmarantnorge.net
*.autodiscover.junglezone.com
junglezone.com
*.junglezone.com
*.ravpn.junglezone.com
*.smtp.junglezone.com
*.sss.junglezone.com
*.webvpn.junglezone.com
*.ww16.junglezone.com
*.ftp.nezir.com
nezir.com
*.nezir.com
*.sitemaps.nezir.com
officialdivinefashion.com
*.officialdivinefashion.com
onixtv.xyz
*.onixtv.xyz
*.ww25.onixtv.xyz
*.ww38.onixtv.xyz
*.faucet.oxhoneyjar.xyz
oxhoneyjar.xyz
*.oxhoneyjar.xyz
*.ww25.oxhoneyjar.xyz
*.ww38.oxhoneyjar.xyz
philipcrangiandco.com
*.philipcrangiandco.com
*.grey.raume.com
raume.com
*.raume.com
*.ww25.raume.com
thestreameast.ga
*.thestreameast.ga
*.v2.thestreameast.ga
*.pay.thetopcomment.com
thetopcomment.com
*.thetopcomment.com
*.m.tub4exer.com
tub4exer.com
*.tub4exer.com
*.data.unclewrightys.com
unclewrightys.com
*.unclewrightys.com
*.random.whistlebloggers.org
whistlebloggers.org
*.whistlebloggers.org
*.ww25.whistlebloggers.org
*.pop.xpornoit.com
*.server.xpornoit.com
*.ww25.xpornoit.com
*.ww38.xpornoit.com
xpornoit.com
*.xpornoit.com
*.mobile.zeebra.site
*.sitetree.zeebra.site
zeebra.site
*.zeebra.site
Other domains in certificate