Open
Cached
·
just now
76/100
SECURITY SCORE
Detected Technologies
Certificate Information
Subject
CN=online-ads.click
Issuer
C=US, O=Let's Encrypt, CN=R13
Valid From
February 04, 2026
Valid Until
May 05, 2026
81 days
Public Key
RSA
4096 bit
Strong
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
CC:DF:50:C3:B6:75:4E:71:2C:D8:EF:55:DB:8A:30:6E:C3:03:82:59:AC:5E:8E:40:D0:FF:27:29:5A:87:3E:F0
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Missing
Not configured
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Add Strict-Transport-Security header with max-age of at least 1 year
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
90 domains
pietuo.com
*.pietuo.com
*.ww16.pietuo.com
102.live
*.102.live
*.2g0fcz6mgbgnafkdpv0bizlav.102.live
*.api.102.live
1point.vip
*.1point.vip
*.admin.1point.vip
*.api.1point.vip
*.app.1point.vip
*.aws.1point.vip
*.ffffffffffff.1point.vip
*.random.1point.vip
*.wildcard.1point.vip
*.ww25.1point.vip
*.ww38.1point.vip
*.www.1point.vip
9btc.xyz
*.9btc.xyz
*.admin.9btc.xyz
*.laravel.9btc.xyz
*.ww25.9btc.xyz
abu777.click
*.abu777.click
*.app.abu777.click
*.formation.abu777.click
*.insights.abu777.click
berkeleyhousingauthority.com
*.berkeleyhousingauthority.com
*.wildcard.berkeleyhousingauthority.com
brainracing.eu
*.brainracing.eu
*.www.brainracing.eu
busphotos.eu
*.busphotos.eu
*.ww38.busphotos.eu
cheapestflight.com.au
*.cheapestflight.com.au
*.live.cheapestflight.com.au
*.search-completed.cheapestflight.com.au
cooinbase.pro
*.cooinbase.pro
*.smtps.cooinbase.pro
fishforall.org
*.fishforall.org
gazo.chat
*.gazo.chat
*.random.gazo.chat
*.wildcard.gazo.chat
geapplication.com
*.geapplication.com
*.superset.geapplication.com
*.ww1.geapplication.com
*.dwij7.googl-cld.xyz
googl-cld.xyz
*.googl-cld.xyz
*.06d1936a-68da-48cf-96fa-445df0378fcb.innerlists.xyz
*.crm.innerlists.xyz
*.exchange.innerlists.xyz
innerlists.xyz
*.innerlists.xyz
*.mx1.innerlists.xyz
*.webmail.innerlists.xyz
*.ww38.innerlists.xyz
lolaandcotapas.co.uk
*.lolaandcotapas.co.uk
*.random.lolaandcotapas.co.uk
maunaloa.live
*.maunaloa.live
metgaer.de
*.metgaer.de
mobilefurnish.com
*.mobilefurnish.com
*.www.mobilefurnish.com
online-ads.click
*.online-ads.click
*.pr.online-ads.click
*.www.online-ads.click
openseai.io
*.openseai.io
*.ww25.openseai.io
*.ww38.openseai.io
palmmegzi.com
*.palmmegzi.com
rennschuhe.de
*.rennschuhe.de
xn--beatmungsgert-mfb.de
*.xn--beatmungsgert-mfb.de
Other domains in certificate