Open
Cached
·
just now
76/100
SECURITY SCORE
Detected Technologies
Certificate Information
Subject
CN=zoompocket.com
Issuer
C=US, O=Let's Encrypt, CN=R12
Valid From
May 27, 2026
Valid Until
August 25, 2026
71 days
Public Key
RSA
4096 bit
Strong
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
CD:87:53:2C:FB:B7:61:5D:36:06:AB:29:0E:39:9B:96:62:AE:97:53:A6:D3:EC:D1:F9:E5:35:E7:E6:25:79:F5
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Add Strict-Transport-Security header with max-age of at least 1 year
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
89 domains
dexcpu.com
*.dexcpu.com
*.dev.dexcpu.com
*.sitemaps.dexcpu.com
ailora.io
*.ailora.io
*.checkout.ailora.io
*.dashboard.ailora.io
*.panel.ailora.io
*.remote.ailora.io
*.sitemaps.ailora.io
*.test.ailora.io
bblack.co
*.bblack.co
*.96c54.bdeefg.top
bdeefg.top
*.bdeefg.top
*.civoh.bdeefg.top
*.fdb74.bdeefg.top
*.i51qg.bdeefg.top
*.j2zfz.bdeefg.top
*.oahlw.bdeefg.top
*.tpxa3.bdeefg.top
*.xbh6h.bdeefg.top
centsapp.io
*.centsapp.io
*.intranet.centsapp.io
*.mta-sts.centsapp.io
*.users.centsapp.io
*.www.centsapp.io
*.5d538c27-284a-4b8f-b1d5-8fd3537f82b0.disclaim.dev
*.7a68594d-da96-449b-ac07-198b4e457958.disclaim.dev
*.api.disclaim.dev
*.app.disclaim.dev
*.b459ef28-ee51-441a-b8e6-2ad0f8da3ba6.disclaim.dev
*.cmzbfj.disclaim.dev
*.dev.disclaim.dev
disclaim.dev
*.disclaim.dev
*.mail.disclaim.dev
*.members.disclaim.dev
*.new.disclaim.dev
*.rustore.disclaim.dev
*.test.disclaim.dev
*.uhuegapi.disclaim.dev
*.2dbks.headtohead.xyz
*.ayfpk.headtohead.xyz
*.cc2mm.headtohead.xyz
headtohead.xyz
*.headtohead.xyz
*.help.headtohead.xyz
*.iovou.headtohead.xyz
*.kp5po.headtohead.xyz
*.lcjev.headtohead.xyz
*.ndifg.headtohead.xyz
*.q86h5.headtohead.xyz
*.s5kjz.headtohead.xyz
*.sbd1u.headtohead.xyz
*.v3ywp.headtohead.xyz
*.vizaseq.headtohead.xyz
megapersonls.eu
*.megapersonls.eu
*.analytics.playmasters.bet
playmasters.bet
*.playmasters.bet
*.insight.ryoti.com
*.rdp.ryoti.com
ryoti.com
*.ryoti.com
*.vdi.ryoti.com
*.esfhkhlecuoxk.wenoia.finance
*.eztnadyw.wenoia.finance
*.members.wenoia.finance
*.redmine.wenoia.finance
*.restricted.wenoia.finance
*.test.wenoia.finance
*.vpn.wenoia.finance
*.web2.wenoia.finance
wenoia.finance
*.wenoia.finance
*.ww03.wenoia.finance
*.ae.ydoher.info
*.my.ydoher.info
*.w.ydoher.info
ydoher.info
*.ydoher.info
*.sitemaps.zoompocket.com
zoompocket.com
*.zoompocket.com
Other domains in certificate