Open
Cached
·
just now
76/100
SECURITY SCORE
Detected Technologies
Certificate Information
Subject
CN=chunse520.xyz
Issuer
C=US, O=Let's Encrypt, CN=YR1
Valid From
June 14, 2026
Valid Until
September 12, 2026
82 days
Public Key
RSA
4096 bit
Strong
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
D7:15:16:7F:B8:89:8B:EC:68:F4:B5:C7:80:04:C9:12:49:A7:80:95:53:DE:F3:99:BD:69:A2:C1:37:73:E4:42
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Add Strict-Transport-Security header with max-age of at least 1 year
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
90 domains
lisasleasing.com
*.lisasleasing.com
1600sprucestreet.com
*.1600sprucestreet.com
*.shop.1600sprucestreet.com
carewatchtoronto.org
*.carewatchtoronto.org
chunse520.xyz
*.chunse520.xyz
*.qq.chunse520.xyz
copa99in.cyou
*.copa99in.cyou
daniel353.autos
*.daniel353.autos
*.amparo.danscartoons.com
danscartoons.com
*.danscartoons.com
*.erp.danscartoons.com
*.remoteaccess.danscartoons.com
*.server.danscartoons.com
daooo.pro
*.daooo.pro
depart.lol
*.depart.lol
detoxcoachai.com
*.detoxcoachai.com
digital-figtopmarkets.com
*.digital-figtopmarkets.com
dimas.live
*.dimas.live
dodo-tv.com
*.dodo-tv.com
flightstats.org
*.flightstats.org
gjfvonuwyek.xyz
*.gjfvonuwyek.xyz
glacialdomainnames.com
*.glacialdomainnames.com
gotomyerpcore.com
*.gotomyerpcore.com
grl2gh.cc
*.grl2gh.cc
hacloudx.io
*.hacloudx.io
hrmdptkvanc.xyz
*.hrmdptkvanc.xyz
inventiotechnologies.sbs
*.inventiotechnologies.sbs
jonesraodstyle.com
*.jonesraodstyle.com
keydepots.com
*.keydepots.com
*.website.keydepots.com
lisaslease.com
*.lisaslease.com
paylbeauty.com
*.paylbeauty.com
pipefulapp.com
*.pipefulapp.com
pipefuldata.com
*.pipefuldata.com
plusroad.com
*.plusroad.com
prolungexpandd.com
*.prolungexpandd.com
proteinclick.com
*.proteinclick.com
tracknium.com
*.tracknium.com
trele.co
*.trele.co
*.ww25.trele.co
truevertexdeck.my
*.truevertexdeck.my
tureya.store
*.tureya.store
v2raydl.com
*.v2raydl.com
*.pop3.vavadazs2.com
*.tvwcjapi.vavadazs2.com
vavadazs2.com
*.vavadazs2.com
vimeo.onl
*.vimeo.onl
youik.xyz
*.youik.xyz
youraitablet.com
*.youraitablet.com
zigum.insure
*.zigum.insure
Other domains in certificate