Open
Cached
·
just now
76/100
SECURITY SCORE
Detected Technologies
Certificate Information
Subject
CN=hk368naga.xyz
Issuer
C=US, O=Let's Encrypt, CN=R13
Valid From
April 17, 2026
Valid Until
July 16, 2026
50 days
Public Key
RSA
4096 bit
Strong
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
D4:43:C3:94:AB:97:E6:7E:B5:49:63:29:56:29:E0:47:1A:A2:EA:CD:CE:0D:12:F1:ED:23:92:BE:E5:F3:8F:53
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Add Strict-Transport-Security header with max-age of at least 1 year
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
90 domains
onlinemugs.com
*.onlinemugs.com
*.a01504f0-b8c1-4d76-bd61-38e0b1cd46e9.onlinemugs.com
*.admin.onlinemugs.com
*.app.onlinemugs.com
*.bullhorn.onlinemugs.com
*.dash.onlinemugs.com
*.dev.onlinemugs.com
*.gitlab.onlinemugs.com
*.m.onlinemugs.com
*.ovqkxm.onlinemugs.com
*.owa.onlinemugs.com
*.remote.onlinemugs.com
*.vpn.onlinemugs.com
*.3acf57df-32b5-40d5-abac-6cb45835bfa6.fabetus.info
fabetus.info
*.fabetus.info
*.amp.hk368naga.xyz
*.api-qa.hk368naga.xyz
*.api.hk368naga.xyz
*.blog.hk368naga.xyz
*.cart-prod.hk368naga.xyz
*.cdn-cgi.hk368naga.xyz
*.cdn-test.hk368naga.xyz
*.ci-cd.hk368naga.xyz
*.ci.hk368naga.xyz
*.community.hk368naga.xyz
*.db1.hk368naga.xyz
*.devops.hk368naga.xyz
*.docu.hk368naga.xyz
*.download.hk368naga.xyz
*.email.hk368naga.xyz
*.fe.hk368naga.xyz
*.gitlab.hk368naga.xyz
*.graphql-playground.hk368naga.xyz
hk368naga.xyz
*.hk368naga.xyz
*.kubernetes.hk368naga.xyz
*.mail.hk368naga.xyz
*.media.hk368naga.xyz
*.monitoring.hk368naga.xyz
*.mx.hk368naga.xyz
*.news.hk368naga.xyz
*.pay.hk368naga.xyz
*.proof.hk368naga.xyz
*.repos.hk368naga.xyz
*.secure.hk368naga.xyz
*.sql2.hk368naga.xyz
*.staging.hk368naga.xyz
*.store.hk368naga.xyz
*.test.hk368naga.xyz
*.webmail.hk368naga.xyz
*.ww25.hk368naga.xyz
*.ww38.hk368naga.xyz
*.www.hk368naga.xyz
*.hostmaster.marquishotels.net
marquishotels.net
*.marquishotels.net
*.2.moviesandtvshow.site
*.admin.moviesandtvshow.site
*.ap.moviesandtvshow.site
*.api.moviesandtvshow.site
*.app.moviesandtvshow.site
*.cpanel.moviesandtvshow.site
*.cpcalendars.moviesandtvshow.site
*.cpcontacts.moviesandtvshow.site
*.dev.moviesandtvshow.site
*.eb.moviesandtvshow.site
*.ebdisk.moviesandtvshow.site
*.ebmail.moviesandtvshow.site
*.hm.moviesandtvshow.site
*.home.moviesandtvshow.site
*.hostmaster.moviesandtvshow.site
*.intranet.moviesandtvshow.site
*.m.moviesandtvshow.site
*.mail.moviesandtvshow.site
*.mega.moviesandtvshow.site
*.mobile.moviesandtvshow.site
moviesandtvshow.site
*.moviesandtvshow.site
*.news.moviesandtvshow.site
*.origin.moviesandtvshow.site
*.site.moviesandtvshow.site
*.wap.moviesandtvshow.site
*.web.moviesandtvshow.site
*.webdisk.moviesandtvshow.site
*.webmail.moviesandtvshow.site
*.whm.moviesandtvshow.site
*.www.moviesandtvshow.site
*.www2.moviesandtvshow.site
Other domains in certificate