Open
Cached
·
just now
76/100
SECURITY SCORE
Detected Technologies
Certificate Information
Subject
CN=freefoto.ca
Issuer
C=US, O=Let's Encrypt, CN=R12
Valid From
May 21, 2026
Valid Until
August 19, 2026
65 days
Public Key
RSA
4096 bit
Strong
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
30:4F:87:C6:B2:B5:B8:D1:73:C6:80:80:99:4A:D8:EC:B5:66:7D:4C:ED:4E:CB:17:92:01:29:31:40:BC:25:F1
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Add Strict-Transport-Security header with max-age of at least 1 year
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
90 domains
starflower.co
*.starflower.co
*.archive.starflower.co
*.demo.starflower.co
*.share.starflower.co
2x24.cc
*.2x24.cc
*.ww.2x24.cc
*.ww17.2x24.cc
*.admin.bibliografie.it
*.api.bibliografie.it
bibliografie.it
*.bibliografie.it
*.dashboard.bibliografie.it
*.dev.bibliografie.it
*.hostmaster.bibliografie.it
*.mail.bibliografie.it
*.remote.bibliografie.it
*.staging.bibliografie.it
*.superset.bibliografie.it
*.visual.bibliografie.it
*.a.cigma.es
cigma.es
*.cigma.es
*.ckientr.cigma.es
*.cleintes.cigma.es
*.clientes.cigma.es
*.clients.cigma.es
*.cqcjqwebdisk.cigma.es
*.irhnjwebmail.cigma.es
*.pop.cigma.es
*.webdisk.cigma.es
*.webmail.cigma.es
*.ww.cigma.es
*.www.cigma.es
*.xwww.cigma.es
*.advanzia.ethiocarbroker.com
*.aregnta.ethiocarbroker.com
*.dkbdeutsh.ethiocarbroker.com
ethiocarbroker.com
*.ethiocarbroker.com
*.rakbank.ethiocarbroker.com
freefoto.ca
*.freefoto.ca
*.uat.freefoto.ca
*.api.hedefeulas.online
hedefeulas.online
*.hedefeulas.online
*.members.hedefeulas.online
*.test.hedefeulas.online
*.8235bcde-cfc2-4d9c-ae85-cf00c636a4e9.livegirls.cc
*.admin.livegirls.cc
*.app.livegirls.cc
livegirls.cc
*.livegirls.cc
*.m.livegirls.cc
*.mail.livegirls.cc
*.remote.livegirls.cc
*.sitemap.livegirls.cc
*.sitemaps.livegirls.cc
*.testing.livegirls.cc
*.www.livegirls.cc
*.wwww.livegirls.cc
*.d.nebulacdn.xyz
*.demo.nebulacdn.xyz
*.dev.nebulacdn.xyz
nebulacdn.xyz
*.nebulacdn.xyz
*.static.nebulacdn.xyz
nprstu.xyz
*.nprstu.xyz
*.yhw2kt.nprstu.xyz
*.0343055d-b0fc-4ab0-8711-68484cc15e19.theaterviewer.com
*.api.theaterviewer.com
*.app.theaterviewer.com
theaterviewer.com
*.theaterviewer.com
*.arafexlogisservice.treasuryandtrustbank.com
*.biztrustfcu.treasuryandtrustbank.com
*.cellularwholesalecalifornia.treasuryandtrustbank.com
*.com.treasuryandtrustbank.com
*.firstsilverbank.treasuryandtrustbank.com
*.jberesfordeassociate.treasuryandtrustbank.com
*.scribewingscourierservice.treasuryandtrustbank.com
*.smallsbusinessgrants.treasuryandtrustbank.com
*.somosexpresscourrier.treasuryandtrustbank.com
*.theme.treasuryandtrustbank.com
treasuryandtrustbank.com
*.treasuryandtrustbank.com
*.usajackpotslottery.treasuryandtrustbank.com
Other domains in certificate