Open
Cached
·
just now
76/100
SECURITY SCORE
Detected Technologies
Certificate Information
Subject
CN=02950.one
Issuer
C=US, O=Let's Encrypt, CN=R13
Valid From
May 23, 2026
Valid Until
August 21, 2026
70 days
Public Key
RSA
4096 bit
Strong
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
F4:D4:F4:5F:2D:54:1D:CC:38:1E:B7:9F:C0:A8:D0:21:19:7B:00:E8:D5:5F:EA:28:26:76:F6:40:BC:4F:37:08
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Add Strict-Transport-Security header with max-age of at least 1 year
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
90 domains
tabify.co
*.tabify.co
02950.one
*.02950.one
05644.club
*.05644.club
056k.cc
*.056k.cc
0845o.cc
*.0845o.cc
0845v.cc
*.0845v.cc
17376.qpon
*.17376.qpon
2030smusic.com
*.2030smusic.com
406180.cc
*.406180.cc
412g.cc
*.412g.cc
419hkl.cc
*.419hkl.cc
4567kan.com
*.4567kan.com
6076447.cc
*.6076447.cc
6390.town
*.6390.town
65913.club
*.65913.club
67279.my
*.67279.my
837744.com
*.837744.com
8with.com
*.8with.com
91017.one
*.91017.one
atipfromthefield.com
*.atipfromthefield.com
begolu.pro
*.begolu.pro
dravingalaws.com
*.dravingalaws.com
fifthandbroadway.com
*.fifthandbroadway.com
fitnessaffinitycore.run
*.fitnessaffinitycore.run
fitnessclarityexperts.run
*.fitnessclarityexperts.run
fitnessclarityfocus.run
*.fitnessclarityfocus.run
fitnesspulsenexus.run
*.fitnesspulsenexus.run
foliasarda.com
*.foliasarda.com
fresh-casino-kz.com
*.fresh-casino-kz.com
gagabi.com
*.gagabi.com
golocalshoppingscreens.com
*.golocalshoppingscreens.com
gsm-services.com
*.gsm-services.com
h-ost.com
*.h-ost.com
harbourfish.com
*.harbourfish.com
hislemotel.com
*.hislemotel.com
homeimprovementzone.net
*.homeimprovementzone.net
hydalo.pro
*.hydalo.pro
inlai.com.cn
*.inlai.com.cn
macaronissignshop.com
*.macaronissignshop.com
matjarkoum.com
*.matjarkoum.com
migsurge.com.cn
*.migsurge.com.cn
sparkalinewater.com
*.sparkalinewater.com
speaker-1.today
*.speaker-1.today
studiotabassco.com
*.studiotabassco.com
windies.com
*.windies.com
Other domains in certificate