Open
Cached
·
just now
76/100
SECURITY SCORE
Detected Technologies
Certificate Information
Subject
CN=21357.blog
Issuer
C=US, O=Let's Encrypt, CN=YR2
Valid From
June 16, 2026
Valid Until
September 14, 2026
84 days
Public Key
RSA
4096 bit
Strong
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
8C:02:10:86:F7:78:B1:63:87:9E:C8:E1:09:14:EA:A1:CA:2E:DB:15:05:58:86:47:C2:AC:9C:4D:AF:31:F2:9D
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Add Strict-Transport-Security header with max-age of at least 1 year
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
89 domains
winesource.net
*.winesource.net
*.client.winesource.net
*.m.winesource.net
*.members.winesource.net
*.test.winesource.net
*.vpn.winesource.net
*.web.winesource.net
21357.blog
*.21357.blog
*.klme0z.21357.blog
andywarholpictures.com
*.andywarholpictures.com
*.pl.andywarholpictures.com
*.random.andywarholpictures.com
*.ww38.andywarholpictures.com
beadartists.org
*.beadartists.org
buckbrazos.com
*.buckbrazos.com
*.sell.buckbrazos.com
buylikes.it
*.buylikes.it
*.out.buylikes.it
*.a.fanea.com
fanea.com
*.fanea.com
*.360.franklinconvey.com
*.assessments.franklinconvey.com
franklinconvey.com
*.franklinconvey.com
*.msb.franklinconvey.com
*.ww25.franklinconvey.com
fussballtorte.de
*.fussballtorte.de
genuinetravelgurus.xyz
*.genuinetravelgurus.xyz
*.s5kjz.genuinetravelgurus.xyz
holzgiraffen.de
*.holzgiraffen.de
*.app.ipuav.com
*.demo.ipuav.com
ipuav.com
*.ipuav.com
*.ix.ipuav.com
*.members.ipuav.com
*.qcy.ipuav.com
*.qvke.ipuav.com
*.rlar.ipuav.com
*.shop.ipuav.com
*.vwm.ipuav.com
*.www.ipuav.com
*.y.ipuav.com
leechenchinesecuisine.com
*.leechenchinesecuisine.com
*.hostmaster.nash8503.com
nash8503.com
*.nash8503.com
*.ww25.nash8503.com
*.m.pensionwatch.org
pensionwatch.org
*.pensionwatch.org
*.india.scapmed.com
scapmed.com
*.scapmed.com
*.tickets.scapmed.com
*.ww25.scapmed.com
*.ww38.scapmed.com
*.random.sondeln.de
sondeln.de
*.sondeln.de
*.elephant.sourireaustress.com
*.hostmaster.sourireaustress.com
sourireaustress.com
*.sourireaustress.com
*.ssl.sourireaustress.com
*.hostmaster.ultimerewards.com
ultimerewards.com
*.ultimerewards.com
wewtteronline.de
*.wewtteronline.de
*.ww38.wewtteronline.de
*.puipx.xiaohuangshu.vip
xiaohuangshu.vip
*.xiaohuangshu.vip
*.wildcard.xn--k10a.com
*.www.xn--k10a.com
xn--k10a.com
*.xn--k10a.com
Other domains in certificate