Open
Cached
·
just now
76/100
SECURITY SCORE
Detected Technologies
Certificate Information
Subject
CN=barber360.com.br
Issuer
C=US, O=Let's Encrypt, CN=R12
Valid From
February 15, 2026
Valid Until
May 16, 2026
89 days
Public Key
RSA
4096 bit
Strong
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
41:C8:27:5E:E7:9F:CE:8B:7F:C8:C8:73:B3:C9:AB:1A:B0:43:54:A7:25:A9:1E:B3:9D:0E:41:ED:B3:FA:57:26
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Missing
Not configured
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Add Strict-Transport-Security header with max-age of at least 1 year
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
90 domains
barber360.com.br
*.barber360.com.br
*.souza.barber360.com.br
*.souzabarbearia.barber360.com.br
8ymb2.info
*.8ymb2.info
*.ww25.8ymb2.info
*.www.8ymb2.info
*.app.connectdotsbooks.com
*.backup.connectdotsbooks.com
*.cabinet.connectdotsbooks.com
*.community.connectdotsbooks.com
connectdotsbooks.com
*.connectdotsbooks.com
*.cthmsjav.connectdotsbooks.com
*.demo.connectdotsbooks.com
*.euogzsms.connectdotsbooks.com
*.mail.connectdotsbooks.com
*.qa.connectdotsbooks.com
*.rd.connectdotsbooks.com
*.rdweb.connectdotsbooks.com
*.remote.connectdotsbooks.com
*.sms.connectdotsbooks.com
*.stg.connectdotsbooks.com
*.vpn.connectdotsbooks.com
*.www.connectdotsbooks.com
*.3a1fd229-3d7e-42f2-841c-b9863cefe0d8.cvfx.lol
*.94aa7456-5062-4369-8aa7-8550427fd7ae.cvfx.lol
*.admin.cvfx.lol
*.api.cvfx.lol
*.app.cvfx.lol
cvfx.lol
*.cvfx.lol
*.demo.cvfx.lol
*.dev.cvfx.lol
*.fblkgshare.cvfx.lol
*.hlqixdemo.cvfx.lol
*.pagamento.cvfx.lol
*.public.cvfx.lol
*.test.cvfx.lol
*.wkhcrpublic.cvfx.lol
*.www.cvfx.lol
deltawi-fi.com
*.deltawi-fi.com
*.ww25.deltawi-fi.com
*.admin.gourmetroast.com
*.analytics.gourmetroast.com
*.flowise.gourmetroast.com
gourmetroast.com
*.gourmetroast.com
helisbank.com
*.helisbank.com
*.www.helisbank.com
khaleejtimes.news
*.khaleejtimes.news
*.webdisk.khaleejtimes.news
*.webmail.khaleejtimes.news
*.as.netcdn.xyz
*.ci-development.netcdn.xyz
*.ds.netcdn.xyz
*.img.netcdn.xyz
*.jp.netcdn.xyz
netcdn.xyz
*.netcdn.xyz
*.p.netcdn.xyz
*.random.netcdn.xyz
*.us.netcdn.xyz
*.ww25.netcdn.xyz
*.ww38.netcdn.xyz
*.www1.netcdn.xyz
noookasee.xyz
*.noookasee.xyz
*.staging.noookasee.xyz
*.ww25.noookasee.xyz
*.ftp.plmsdetea.info
plmsdetea.info
*.plmsdetea.info
*.www.plmsdetea.info
seedform.com
*.seedform.com
*.252fwww.shareurl.xyz
*.8hali9ydzj.shareurl.xyz
*.chat.shareurl.xyz
*.members.shareurl.xyz
*.pan.shareurl.xyz
shareurl.xyz
*.shareurl.xyz
*.staging.shareurl.xyz
*.ww1.shareurl.xyz
*.ww6.shareurl.xyz
Other domains in certificate