Open
Cached
·
just now
76/100
SECURITY SCORE
Detected Technologies
Certificate Information
Subject
CN=youngla.co
Issuer
C=US, O=Let's Encrypt, CN=R12
Valid From
February 04, 2026
Valid Until
May 05, 2026
76 days
Public Key
RSA
4096 bit
Strong
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
7D:FF:E1:4A:2D:24:9E:E6:85:9F:39:00:73:F3:A5:4D:F2:9B:FB:84:EB:13:BB:1C:76:B7:19:38:A3:44:5B:30
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Add Strict-Transport-Security header with max-age of at least 1 year
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
90 domains
duifu.com
*.duifu.com
*.anyconnect.duifu.com
*.api.duifu.com
*.forum.duifu.com
*.forums.duifu.com
*.backup.cartello.com
*.blog.cartello.com
cartello.com
*.cartello.com
*.demo.cartello.com
*.ffffffffffff.cartello.com
*.mail.cartello.com
*.ww16.cartello.com
*.ww17.cartello.com
*.ww25.cartello.com
class10icse.xyz
*.class10icse.xyz
*.ww25.class10icse.xyz
comersperror.com
*.comersperror.com
csatego.pl
*.csatego.pl
envnet.org
*.envnet.org
*.eagle.explorewildlife.com
explorewildlife.com
*.explorewildlife.com
*.facebook.explorewildlife.com
*.fr.explorewildlife.com
*.mba.explorewildlife.com
*.serial.explorewildlife.com
*.team.explorewildlife.com
*.users.explorewildlife.com
gdapk.net
*.gdapk.net
iflxiptv.com
*.iflxiptv.com
*.blog.igrejaviva24horas.com.br
igrejaviva24horas.com.br
*.igrejaviva24horas.com.br
*.ww38.igrejaviva24horas.com.br
*.health.lacasuca.com
lacasuca.com
*.lacasuca.com
*.shopping.lacasuca.com
learntoflygame.com
*.learntoflygame.com
*.sitemap.learntoflygame.com
*.ww16.learntoflygame.com
*.ww17.learntoflygame.com
lucky7storage.com
*.lucky7storage.com
*.cdn.momsporns.com
*.mail.momsporns.com
momsporns.com
*.momsporns.com
*.ww38.momsporns.com
*.www.momsporns.com
*.analytics.mplab.io
*.app.mplab.io
*.bot.mplab.io
*.gitlab.mplab.io
mplab.io
*.mplab.io
*.registry.mplab.io
*.simbank.mplab.io
*.wiki.mplab.io
*.ww25.mplab.io
*.bbs.newpalm.com
*.emai.newpalm.com
*.email.newpalm.com
*.mms.newpalm.com
newpalm.com
*.newpalm.com
*.app.orangek.org
*.cdn.orangek.org
*.down.orangek.org
orangek.org
*.orangek.org
*.www.orangek.org
sieudam.me
*.sieudam.me
tayduthantuong.mobi
*.tayduthantuong.mobi
*.secure.youngla.co
youngla.co
*.youngla.co
zoechp.cc
*.zoechp.cc
Other domains in certificate