Open
Cached
·
just now
76/100
SECURITY SCORE
Certificate Information
Subject
CN=edufocusfilmteams.com
Issuer
C=US, O=Let's Encrypt, CN=R12
Valid From
February 09, 2026
Valid Until
May 10, 2026
88 days
Public Key
RSA
4096 bit
Strong
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
B3:D5:6A:1F:F3:FD:67:C7:6F:97:35:39:EF:67:FC:A1:37:FA:2D:B9:67:6D:8E:45:5C:A4:B4:9B:64:2D:65:49
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Missing
Not configured
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Add Strict-Transport-Security header with max-age of at least 1 year
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
88 domains
backstories.com
*.backstories.com
*.demo.backstories.com
*.m.backstories.com
*.mail.backstories.com
*.sitemap.backstories.com
*.sitemaps.backstories.com
1photographer.co
*.1photographer.co
*.69c90eb5-c357-49d5-8b01-56159f3937dd.1photographer.co
*.a010ee97-3745-4f06-8697-bd27c7144f4a.1photographer.co
*.app.1photographer.co
*.ebmail.1photographer.co
*.f912576d-bb7e-42e4-9906-b18446bcf09a.1photographer.co
*.hostmaster.1photographer.co
*.webdisk.1photographer.co
2998i.cc
*.2998i.cc
*.sitemap.2998i.cc
*.api.bunyips.com
bunyips.com
*.bunyips.com
*.dev.bunyips.com
*.mail.bunyips.com
*.rustore.bunyips.com
*.sitemaps.bunyips.com
*.test.bunyips.com
*.ww17.bunyips.com
clubbestfriendforever.com
*.clubbestfriendforever.com
*.vpn.clubbestfriendforever.com
*.apmc.mpmandiboard.co.in
mpmandiboard.co.in
*.mpmandiboard.co.in
edufocusfilmteams.com
*.edufocusfilmteams.com
*.foto.glasscrafter.com
glasscrafter.com
*.glasscrafter.com
*.hosted.glasscrafter.com
*.ims.glasscrafter.com
*.old.glasscrafter.com
*.plus.glasscrafter.com
*.pop3.glasscrafter.com
*.prueba.glasscrafter.com
*.sa.glasscrafter.com
*.staging.glasscrafter.com
*.users.glasscrafter.com
*.ww38.glasscrafter.com
houseclubs.it
*.houseclubs.it
*.redash.houseclubs.it
*.admin.keywest.charity
*.app.keywest.charity
*.assets.keywest.charity
*.demo.keywest.charity
*.dev.keywest.charity
*.domvktest.keywest.charity
keywest.charity
*.keywest.charity
*.staging.keywest.charity
*.static.keywest.charity
*.test.keywest.charity
*.www.keywest.charity
magopix.bet
*.magopix.bet
ounsielhage.com
*.ounsielhage.com
szews.com
*.szews.com
verakossatesting.online
*.verakossatesting.online
*.m.vipneuro.com
*.old.vipneuro.com
*.sitemap.vipneuro.com
vipneuro.com
*.vipneuro.com
*.wildcard.vipneuro.com
*.ww16.vipneuro.com
*.ww25.vipneuro.com
*.api.williamsbankfeesettlment.com
*.app.williamsbankfeesettlment.com
*.bk.williamsbankfeesettlment.com
*.store.williamsbankfeesettlment.com
williamsbankfeesettlment.com
*.williamsbankfeesettlment.com
*.ww38.williamsbankfeesettlment.com
*.www.williamsbankfeesettlment.com
Other domains in certificate