Open
Cached
·
just now
76/100
SECURITY SCORE
Detected Technologies
Certificate Information
Subject
CN=huanjing.io
Issuer
C=US, O=Let's Encrypt, CN=R13
Valid From
December 29, 2025
Valid Until
March 29, 2026
42 days
Public Key
RSA
4096 bit
Strong
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
CD:B8:E3:8C:0A:AF:46:B0:88:B0:50:32:EB:BB:BE:49:60:82:9E:8A:CC:BA:5B:A1:73:C4:88:8A:7E:95:04:72
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Missing
Not configured
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Add Strict-Transport-Security header with max-age of at least 1 year
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
71 domains
bbl.com.pl
zpc.com.pl
*.bbl.com.pl
*.zpc.com.pl
*.comune.zpc.com.pl
*.m.zpc.com.pl
*.mail.zpc.com.pl
*.www.zpc.com.pl
01binaryvision.tech
*.01binaryvision.tech
aarpmeicareplans.com
*.aarpmeicareplans.com
*.ww25.aarpmeicareplans.com
*.ww38.aarpmeicareplans.com
back9-golf.com
*.back9-golf.com
betmoneysikayet.com
*.betmoneysikayet.com
*.ns1.betmoneysikayet.com
*.ns2.betmoneysikayet.com
*.whm.betmoneysikayet.com
bitcoinemirates.com
*.bitcoinemirates.com
businessadvisory.net.au
*.businessadvisory.net.au
campervanrentals.com.au
*.campervanrentals.com.au
delicueen.com
*.delicueen.com
digitalmarketingschool.com.au
*.digitalmarketingschool.com.au
fmovies.tl
*.fmovies.tl
*.ww16.fmovies.tl
*.ww38.fmovies.tl
freecredit.au
*.freecredit.au
huanjing.io
*.huanjing.io
*.ww25.huanjing.io
illinoisstatejobs.com
*.illinoisstatejobs.com
*.pool.illinoisstatejobs.com
kdtscan.com
*.kdtscan.com
maisonbrasserie.com
*.maisonbrasserie.com
*.random.maisonbrasserie.com
mapqueast.com
*.mapqueast.com
marinearchaeology.org
*.marinearchaeology.org
*.random.marinearchaeology.org
*.ww38.marinearchaeology.org
nizationservantas.com
*.nizationservantas.com
onlineenrolmentsystem.website
*.onlineenrolmentsystem.website
sptek.tech
*.sptek.tech
stilestone.com
*.stilestone.com
strighttalk.com
*.strighttalk.com
thek9experts.com
*.thek9experts.com
*.pay.ultodds.com
ultodds.com
*.ultodds.com
yanphearak.tech
*.yanphearak.tech
Other domains in certificate