Open
Cached
·
just now
76/100
SECURITY SCORE
Detected Technologies
Certificate Information
Subject
CN=beak.it
Issuer
C=US, O=Let's Encrypt, CN=R12
Valid From
May 02, 2026
Valid Until
July 31, 2026
64 days
Public Key
RSA
4096 bit
Strong
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
DA:ED:DD:64:C8:E2:4A:12:F5:9F:40:BD:D4:20:C6:3D:78:37:8C:1B:A1:A7:1C:F5:8F:8C:A4:F4:5B:39:9E:57
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Add Strict-Transport-Security header with max-age of at least 1 year
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
90 domains
golstat.com
*.golstat.com
*.community.golstat.com
*.pe.golstat.com
*.sms.golstat.com
*.ww17.golstat.com
*.ww35.golstat.com
71040.gdn
*.71040.gdn
ariaccl.ai
*.ariaccl.ai
beak.it
*.beak.it
*.metrics.beak.it
*.remote.beak.it
chfatgpt.com
*.chfatgpt.com
*.login.chfatgpt.com
*.m.chfatgpt.com
*.mobile.chfatgpt.com
*.portal.chfatgpt.com
clarityfitnessgoals.club
*.clarityfitnessgoals.club
*.7yq3lk.climatizando.info
climatizando.info
*.climatizando.info
estateplanningstl.com
*.estateplanningstl.com
*.mobile.estateplanningstl.com
fitnesssustain.club
*.fitnesssustain.club
home-care-lists-011.sbs
*.home-care-lists-011.sbs
immigrantsvisa.com
*.immigrantsvisa.com
jhgaa.gdn
*.jhgaa.gdn
kbijckxdhqwonvlxfwtg.com
*.kbijckxdhqwonvlxfwtg.com
ltmgp.co
*.ltmgp.co
lxuhq.gdn
*.lxuhq.gdn
*.143c3b44-3f06-4cc3-b155-ce46b131d37e.marsbahis468.info
*.api.marsbahis468.info
*.app.marsbahis468.info
*.backup.marsbahis468.info
*.beta.marsbahis468.info
*.d33bad51-57c4-4ab9-9a0a-b239b7d2b352.marsbahis468.info
*.dev.marsbahis468.info
*.marketing.marsbahis468.info
marsbahis468.info
*.marsbahis468.info
*.portal.marsbahis468.info
*.staging.marsbahis468.info
*.uat.marsbahis468.info
piwa331.xyz
*.piwa331.xyz
poppinrecipes.com
*.poppinrecipes.com
pufino.com
*.pufino.com
*.random.rubyspaoceanside.com
rubyspaoceanside.com
*.rubyspaoceanside.com
*.ww25.rubyspaoceanside.com
*.ww38.rubyspaoceanside.com
scalephntmai.pro
*.scalephntmai.pro
securetravelways.live
*.securetravelways.live
tacticempire61.top
*.tacticempire61.top
tmvyet.cc
*.tmvyet.cc
vqvs70.top
*.vqvs70.top
w13721487.com
*.w13721487.com
x99a2131.xyz
*.x99a2131.xyz
xhxdh2.skin
*.xhxdh2.skin
*.m.xn--zeldersler-dcb.com
xn--zeldersler-dcb.com
*.xn--zeldersler-dcb.com
zaffora.it.com
*.zaffora.it.com
zstap.gdn
*.zstap.gdn
Other domains in certificate