Open
Cached
·
just now
76/100
SECURITY SCORE
Detected Technologies
Certificate Information
Subject
CN=bingxiran.io
Issuer
C=US, O=Let's Encrypt, CN=R12
Valid From
January 08, 2026
Valid Until
April 08, 2026
50 days
Public Key
RSA
4096 bit
Strong
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
36:92:A9:54:79:0D:C4:BB:03:9D:D5:EB:BA:CF:01:CC:9D:45:F0:62:11:B4:51:ED:B3:06:EC:CD:79:3D:5E:ED
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Add Strict-Transport-Security header with max-age of at least 1 year
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
90 domains
casiones.com
*.casiones.com
*.analytics.casiones.com
*.api.casiones.com
*.demo.casiones.com
*.fun.casiones.com
*.host.casiones.com
*.lint.casiones.com
*.member.casiones.com
*.mx1.casiones.com
*.pr.casiones.com
*.users.casiones.com
*.ww1.casiones.com
*.ww16.casiones.com
*.ww17.casiones.com
*.ww38.casiones.com
aadesh.xyz
*.aadesh.xyz
bestautokredit.de
*.bestautokredit.de
*.website.bestautokredit.de
*.ww16.bestautokredit.de
*.bbs.biiblegateway.com
biiblegateway.com
*.biiblegateway.com
*.random.biiblegateway.com
bingxiran.io
*.bingxiran.io
bisautang1.click
*.bisautang1.click
*.cbuend.cocoaberry.pl
cocoaberry.pl
*.cocoaberry.pl
*.dcsits.cocoaberry.pl
*.grgavt.cocoaberry.pl
*.annuities.corebridgrfinancial.com
*.api.corebridgrfinancial.com
corebridgrfinancial.com
*.corebridgrfinancial.com
*.justinolewnik.corebridgrfinancial.com
*.m.corebridgrfinancial.com
*.sitemap.corebridgrfinancial.com
*.sitemaps.corebridgrfinancial.com
*.support.corebridgrfinancial.com
*.suppport.corebridgrfinancial.com
*.ww01.corebridgrfinancial.com
*.ww25.corebridgrfinancial.com
*.wwww.corebridgrfinancial.com
faws.com.au
*.faws.com.au
*.mailserver.faws.com.au
*.bot.gargoyles.au
*.com.gargoyles.au
*.emv1.gargoyles.au
gargoyles.au
*.gargoyles.au
hemant.studio
*.hemant.studio
joker888.bet
*.joker888.bet
*.ww25.joker888.bet
*.ww38.joker888.bet
kitabay.store
*.kitabay.store
*.random.kitabay.store
*.manciple.marylander.net
marylander.net
*.marylander.net
*.random.marylander.net
*.ww25.marylander.net
*.ww43.marylander.net
*.maps.michalhornak.me
michalhornak.me
*.michalhornak.me
*.random.michalhornak.me
*.ww82.michalhornak.me
paquetesdebodas581482.icu
*.paquetesdebodas581482.icu
parasyte.studio
*.parasyte.studio
play-cama-shadow.xyz
*.play-cama-shadow.xyz
*.airflow.wjirlpool.com
*.beta.wjirlpool.com
*.random.wjirlpool.com
*.superset.wjirlpool.com
wjirlpool.com
*.wjirlpool.com
workplace.live
*.workplace.live
Other domains in certificate