Open
Cached
·
just now
76/100
SECURITY SCORE
Certificate Information
Subject
CN=1tvpersian.us
Issuer
C=US, O=Let's Encrypt, CN=R12
Valid From
February 01, 2026
Valid Until
May 02, 2026
81 days
Public Key
RSA
4096 bit
Strong
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
3A:93:6D:CC:FC:7A:A0:07:CB:E6:C5:57:F8:95:A0:D2:D3:50:74:9E:C2:E1:17:38:7D:AB:4E:35:85:FB:33:52
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Missing
Not configured
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Add Strict-Transport-Security header with max-age of at least 1 year
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
88 domains
thebigswitch.com
*.thebigswitch.com
*.admin.thebigswitch.com
*.mx2.thebigswitch.com
*.transparencia.thebigswitch.com
1tvpersian.us
*.1tvpersian.us
*.ww25.1tvpersian.us
aaaaol.com
*.aaaaol.com
*.admin.aaaaol.com
*.aolantivirus.aaaaol.com
*.citrix.aaaaol.com
*.ftp.aaaaol.com
*.pureinfos.aaaaol.com
*.senzavirus.aaaaol.com
*.stg.aaaaol.com
*.virus.aaaaol.com
*.ww38.aaaaol.com
acridsetaria.website
*.acridsetaria.website
alliantz.com
*.alliantz.com
*.mail.alliantz.com
*.martin-eat.alliantz.com
*.ww11.alliantz.com
cirem45ato.shop
*.cirem45ato.shop
copse.shop
*.copse.shop
costcoonline.shop
*.costcoonline.shop
cs-eg.store
*.cs-eg.store
ejnpl.shop
*.ejnpl.shop
epicrecords.shop
*.epicrecords.shop
ethernity.studio
*.ethernity.studio
fireflyy.shop
*.fireflyy.shop
forkliftrepairusa.shop
*.forkliftrepairusa.shop
hga155.shop
*.hga155.shop
hiltonhonors.co
*.hiltonhonors.co
*.wildcard.hiltonhonors.co
*.ww38.hiltonhonors.co
hopecema1.shop
*.hopecema1.shop
johnlewiisvip.shop
*.johnlewiisvip.shop
manjanoon.xyz
*.manjanoon.xyz
*.ww25.manjanoon.xyz
*.ww38.manjanoon.xyz
mttv.live
*.mttv.live
myluxuryweddingportugal.com
*.myluxuryweddingportugal.com
*.random.myluxuryweddingportugal.com
paytosmm.co
*.paytosmm.co
*.ww25.paytosmm.co
*.ww38.paytosmm.co
pestmanagment.com.au
*.pestmanagment.com.au
powertravel.shop
*.powertravel.shop
queenred.pro
*.queenred.pro
tafapparel.shop
*.tafapparel.shop
terralutus.shop
*.terralutus.shop
*.mail.trickbd.mobi
*.sitemaps.trickbd.mobi
trickbd.mobi
*.trickbd.mobi
*.webmail.trickbd.mobi
xhdbd.shop
*.xhdbd.shop
xn--smv-ioa.shop
*.xn--smv-ioa.shop
yahteech.shop
*.yahteech.shop
Other domains in certificate