Open
Cached
·
13h ago
76/100
SECURITY SCORE
Detected Technologies
Certificate Information
Subject
CN=cerpunzyxel.it.com
Issuer
C=US, O=Let's Encrypt, CN=R13
Valid From
March 21, 2026
Valid Until
June 19, 2026
50 days
Public Key
RSA
4096 bit
Strong
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
69:67:51:68:FD:5C:AA:A6:73:CB:2B:49:D5:F5:CF:9E:9D:DE:98:9E:17:FB:F8:5A:CF:1F:42:4D:B3:C8:44:CD
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Add Strict-Transport-Security header with max-age of at least 1 year
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
90 domains
wikipediablog.com
*.wikipediablog.com
198022.cc
*.198022.cc
198080.cc
*.198080.cc
36672.blog
*.36672.blog
382hu.cc
*.382hu.cc
3qvpn.us
*.3qvpn.us
8day.one
*.8day.one
anysunject.com
*.anysunject.com
appsoro.com
*.appsoro.com
cars-plinko.it.com
*.cars-plinko.it.com
cerpunzyxel.it.com
*.cerpunzyxel.it.com
f5o8f3gb.top
*.f5o8f3gb.top
ks3210.cc
*.ks3210.cc
lock-tile.com
*.lock-tile.com
luxuryestate.co
*.luxuryestate.co
navilifecoaching.com
*.navilifecoaching.com
qfinj.gdn
*.qfinj.gdn
reachoutthmmedia.com
*.reachoutthmmedia.com
repository.it.com
*.repository.it.com
rovers.one
*.rovers.one
*.www.rovers.one
*.rustore.samsungsmartswitch.com
samsungsmartswitch.com
*.samsungsmartswitch.com
sebs.asia
*.sebs.asia
sheepstationsforsale.com
*.sheepstationsforsale.com
shoppingsector.com
*.shoppingsector.com
teause.com
*.teause.com
trbahisal.com
*.trbahisal.com
ty5br065.shop
*.ty5br065.shop
universitycareersch.sbs
*.universitycareersch.sbs
unjst.gdn
*.unjst.gdn
uopgn.gdn
*.uopgn.gdn
verticalcoop.com
*.verticalcoop.com
vetnutritionistai.com
*.vetnutritionistai.com
vrtmultimedia.com
*.vrtmultimedia.com
w75y.cyou
*.w75y.cyou
webbouwerstechnology.com
*.webbouwerstechnology.com
webmagazini.com
*.webmagazini.com
whyadhere.com
*.whyadhere.com
woodlandstexashomes.com
*.woodlandstexashomes.com
xn--qckxeyb.com
*.xn--qckxeyb.com
xn9w1w16.cc
*.xn9w1w16.cc
ydstn.trade
*.ydstn.trade
ygatwb.gdn
*.ygatwb.gdn
ykonecampaygnhub.com
*.ykonecampaygnhub.com
ykonecampaygnstrategy.com
*.ykonecampaygnstrategy.com
Other domains in certificate