Open
Cached
·
just now
76/100
SECURITY SCORE
Detected Technologies
Certificate Information
Subject
CN=25232.loan
Issuer
C=US, O=Let's Encrypt, CN=R12
Valid From
March 29, 2026
Valid Until
June 27, 2026
32 days
Public Key
RSA
4096 bit
Strong
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
F8:21:31:11:49:82:A1:D8:D7:87:72:36:A1:01:D8:C7:42:98:E3:EF:94:B4:E0:93:32:AA:54:7E:22:50:BE:B7
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Add Strict-Transport-Security header with max-age of at least 1 year
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
89 domains
markz.live
*.markz.live
11447.pet
*.11447.pet
18954.pet
*.18954.pet
25232.loan
*.25232.loan
26165.pet
*.26165.pet
28435.locker
*.28435.locker
29638.pet
*.29638.pet
3318170.vip
*.3318170.vip
90415.blog
*.90415.blog
cabinet-servais.net
*.cabinet-servais.net
cdqrs.town
*.cdqrs.town
efxuk.co
*.efxuk.co
engclub.com
*.engclub.com
gouziyunclash.com
*.gouziyunclash.com
gouziyunjc.com
*.gouziyunjc.com
h14bf6o.top
*.h14bf6o.top
haitajc.com
*.haitajc.com
hauswertrechner.click
*.hauswertrechner.click
health-insurance-mk.click
*.health-insurance-mk.click
healthcare-software-gx329ljm.click
*.healthcare-software-gx329ljm.click
iboxf.town
*.iboxf.town
inattv971.xyz
*.inattv971.xyz
italy-flightdeals1.sbs
*.italy-flightdeals1.sbs
iysvwc.pro
*.iysvwc.pro
j8ew2e8d9p.top
*.j8ew2e8d9p.top
jhdpurchasingsolutions.com
*.jhdpurchasingsolutions.com
jwtwn.loan
*.jwtwn.loan
kavkaz-apple.com
*.kavkaz-apple.com
kejibearjc.com
*.kejibearjc.com
kwungg.loan
*.kwungg.loan
kxckx.wtf
*.kxckx.wtf
kxlwx.wtf
*.kxlwx.wtf
kxpho.pro
*.kxpho.pro
kyrhq.sx
*.kyrhq.sx
kyywa.town
*.kyywa.town
*.town.kyywa.town
lensnorm.com
*.lensnorm.com
lggbpc.loan
*.lggbpc.loan
ljy-0329-wealth-management.sbs
*.ljy-0329-wealth-management.sbs
luqyza.loan
*.luqyza.loan
machinery-operator185.click
*.machinery-operator185.click
malatechadvisory.com
*.malatechadvisory.com
mbkal.gdn
*.mbkal.gdn
moyat.co
*.moyat.co
pioneermindset.sbs
*.pioneermindset.sbs
Other domains in certificate