Open
Cached
·
just now
76/100
SECURITY SCORE
Detected Technologies
Certificate Information
Subject
CN=bit-bon.com
Issuer
C=US, O=Let's Encrypt, CN=R13
Valid From
February 04, 2026
Valid Until
May 05, 2026
73 days
Public Key
RSA
4096 bit
Strong
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
4B:58:99:11:1B:72:16:34:AF:DA:B9:20:27:7F:2F:BE:4A:4A:CA:4A:0E:FC:99:BD:22:C0:95:34:8A:E9:BA:13
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Add Strict-Transport-Security header with max-age of at least 1 year
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
90 domains
finbarr.com
*.finbarr.com
abelga.com
*.abelga.com
*.ww1.abelga.com
bit-bon.com
*.bit-bon.com
*.ww38.bit-bon.com
condogams.xyz
*.condogams.xyz
*.ww25.condogams.xyz
cryptoalerts.au
*.cryptoalerts.au
*.random.cryptoalerts.au
diypassioncrafts.xyz
*.diypassioncrafts.xyz
djih.com
*.djih.com
doubravsky.com
*.doubravsky.com
easycite.net
*.easycite.net
*.easydelivery.easycite.net
edable.com
*.edable.com
eksist.com
*.eksist.com
elamigo.com
*.elamigo.com
elbollo.com
*.elbollo.com
epiplostyle.com
*.epiplostyle.com
esconda.com
*.esconda.com
eternelle.com
*.eternelle.com
evalow.de
*.evalow.de
*.send.evalow.de
financieeladviseurs.com
*.financieeladviseurs.com
fitnessdriveforward.club
*.fitnessdriveforward.club
*.1www.floghtclub.com
floghtclub.com
*.floghtclub.com
*.ww25.floghtclub.com
*.ww38.floghtclub.com
folkins.com
*.folkins.com
gingerbreadboy.com
*.gingerbreadboy.com
globalvacationcrafters.xyz
*.globalvacationcrafters.xyz
*.edahns1x5.grupa-m4.pl
grupa-m4.pl
*.grupa-m4.pl
*.v2xiu.grupa-m4.pl
*.ftp.quirkydiscoveries.space
quirkydiscoveries.space
*.quirkydiscoveries.space
*.webdisk.quirkydiscoveries.space
titalav.com
*.titalav.com
*.ww25.titalav.com
*.app.toptrader.io
*.checkout.toptrader.io
*.hello.toptrader.io
*.imconstage.toptrader.io
*.link.toptrader.io
toptrader.io
*.toptrader.io
*.university.toptrader.io
*.ww25.toptrader.io
vaida.bet
*.vaida.bet
*.9jawaplords.waptrick.mobi
*.cs.waptrick.mobi
*.mobi.waptrick.mobi
*.ps.waptrick.mobi
*.riccolsholdings.waptrick.mobi
*.us.waptrick.mobi
*.wap.waptrick.mobi
waptrick.mobi
*.waptrick.mobi
*.wep.waptrick.mobi
*.blogs.xn--q3ca1aa5c4ado0p.com
xn--q3ca1aa5c4ado0p.com
*.xn--q3ca1aa5c4ado0p.com
Other domains in certificate