Open
Cached
·
just now
76/100
SECURITY SCORE
Certificate Information
Subject
CN=binvest.ltd
Issuer
C=US, O=Let's Encrypt, CN=R13
Valid From
January 31, 2026
Valid Until
May 01, 2026
80 days
Public Key
RSA
4096 bit
Strong
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
D2:36:07:FD:97:8F:F1:B6:AE:46:46:FF:64:76:7F:37:B0:B2:FE:A5:E6:9D:B9:3D:9B:6B:A4:FA:80:88:F0:7F
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Missing
Not configured
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Add Strict-Transport-Security header with max-age of at least 1 year
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
90 domains
grnder.com
*.grnder.com
*.dns.grnder.com
*.hostmaster.grnder.com
*.mx7.grnder.com
*.random.grnder.com
aussiebuys.com.au
*.aussiebuys.com.au
beholdapalehorse.com
*.beholdapalehorse.com
*.mail.beholdapalehorse.com
*.random.beholdapalehorse.com
betterfantasydraft.com
*.betterfantasydraft.com
binvest.ltd
*.binvest.ltd
braces.life
*.braces.life
chewypla.net
*.chewypla.net
*.cpcalendars.chewypla.net
doma.media
*.doma.media
eatingwell.au
*.eatingwell.au
*.manjulaskitchen.eatingwell.au
*.self.eatingwell.au
*.beta.footballorigin.com
*.demo.footballorigin.com
footballorigin.com
*.footballorigin.com
*.sitemaps.footballorigin.com
*.ww1.footballorigin.com
*.ww16.footballorigin.com
*.ww25.footballorigin.com
fossils.life
*.fossils.life
francescomeli.it
*.francescomeli.it
*.clarkdenise-blakeshawn.fyup.com
fyup.com
*.fyup.com
*.rx.fyup.com
*.ssp.fyup.com
impressivent.com
*.impressivent.com
*.random.impressivent.com
lickdeals.net
*.lickdeals.net
*.ww16.lickdeals.net
*.ww38.lickdeals.net
*.cpanel.meetd3.com
meetd3.com
*.meetd3.com
modeling.co.za
*.modeling.co.za
rehabilitiesconnect.info
*.rehabilitiesconnect.info
*.admin.self-compasion.org
*.random.self-compasion.org
self-compasion.org
*.self-compasion.org
strategicbusiness.com.au
*.strategicbusiness.com.au
thongtacconggiare.info
*.thongtacconggiare.info
*.mailserver.truesound.au
truesound.au
*.truesound.au
ucare.news
*.ucare.news
undervognsbehandling.info
*.undervognsbehandling.info
vaccuums.com.au
*.vaccuums.com.au
vitamind.world
*.vitamind.world
watchesaustralia.au
*.watchesaustralia.au
*.admin.youngfirstimers.com
*.api.youngfirstimers.com
*.backend.youngfirstimers.com
*.dashs.youngfirstimers.com
*.wildcard.youngfirstimers.com
*.ww38.youngfirstimers.com
youngfirstimers.com
*.youngfirstimers.com
*.random.yourloans.com.au
yourloans.com.au
*.yourloans.com.au
Other domains in certificate