Open
Cached
·
just now
76/100
SECURITY SCORE
Detected Technologies
Certificate Information
Subject
CN=bodyflow.icu
Issuer
C=US, O=Let's Encrypt, CN=R13
Valid From
February 13, 2026
Valid Until
May 14, 2026
88 days
Public Key
RSA
4096 bit
Strong
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
42:D9:DF:95:94:4C:C6:46:48:CA:2D:C9:98:B3:87:1C:2E:07:BA:6C:B6:30:20:BC:FF:0F:04:55:07:CC:A6:38
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Missing
Not configured
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Add Strict-Transport-Security header with max-age of at least 1 year
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
89 domains
pecado.io
*.pecado.io
*.accounts.pecado.io
*.admin.pecado.io
*.aix-app.pecado.io
*.api.pecado.io
*.app.pecado.io
*.auth.pecado.io
*.demo.pecado.io
*.kr.pecado.io
*.ph.pecado.io
*.services.pecado.io
*.th.pecado.io
*.us.pecado.io
*.www.pecado.io
69project.com
*.69project.com
*.webdisk.69project.com
aroundthelake.it
*.aroundthelake.it
*.data.aroundthelake.it
*.serenella.aroundthelake.it
*.tsui.aroundthelake.it
*.admin.bodyflow.icu
*.app.bodyflow.icu
bodyflow.icu
*.bodyflow.icu
*.localhost.bodyflow.icu
*.portal.bodyflow.icu
*.shop.bodyflow.icu
*.store.bodyflow.icu
*.webdisk.bodyflow.icu
boys.fi
*.boys.fi
*.mail.boys.fi
*.shop.boys.fi
*.ssh.boys.fi
*.store.boys.fi
*.street.boys.fi
*.admin.chungchanginglives.org
chungchanginglives.org
*.chungchanginglives.org
*.autodiscover.differentbydesign.co
*.cpanel.differentbydesign.co
*.dc-5bbe259daf28.differentbydesign.co
differentbydesign.co
*.differentbydesign.co
*.mail.differentbydesign.co
*.staging2.differentbydesign.co
*.webdisk.differentbydesign.co
*.webmail.differentbydesign.co
*.www.differentbydesign.co
*.api.kuzeyturk.com
*.dev.kuzeyturk.com
kuzeyturk.com
*.kuzeyturk.com
*.mail.kuzeyturk.com
*.sitemap.kuzeyturk.com
*.test.kuzeyturk.com
*.ww25.kuzeyturk.com
lovehoney.cm
*.lovehoney.cm
*.wildcard.lovehoney.cm
*.cpanel.myhomebuilders.com.au
*.cpcalendars.myhomebuilders.com.au
*.hotfix.myhomebuilders.com.au
myhomebuilders.com.au
*.myhomebuilders.com.au
*.5uylx.qme.net
qme.net
*.qme.net
*.ww25.qme.net
*.ww38.qme.net
rcwilley.co
*.rcwilley.co
*.7c7fe9818443.theshearingroups.org
*.classiccamera.theshearingroups.org
*.cpcontacts.theshearingroups.org
*.localhost.theshearingroups.org
*.mail.theshearingroups.org
*.ns1.theshearingroups.org
*.ns2.theshearingroups.org
theshearingroups.org
*.theshearingroups.org
*.authsmtp.whichonlinestore.com.au
*.random.whichonlinestore.com.au
whichonlinestore.com.au
*.whichonlinestore.com.au
*.ww16.whichonlinestore.com.au
Other domains in certificate