Open
Cached
·
just now
76/100
SECURITY SCORE
Detected Technologies
Certificate Information
Subject
CN=elumia.cfd
Issuer
C=US, O=Let's Encrypt, CN=R13
Valid From
February 01, 2026
Valid Until
May 02, 2026
78 days
Public Key
RSA
4096 bit
Strong
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
1C:CB:59:01:AB:FE:81:5D:4C:C1:4E:37:48:03:E0:E3:A4:EA:03:95:24:13:EF:F9:6A:7D:FF:65:FF:0C:32:58
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Missing
Not configured
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Add Strict-Transport-Security header with max-age of at least 1 year
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
90 domains
lospolos.com
*.lospolos.com
*.ww25.lospolos.com
97159.pictures
*.97159.pictures
arcaded.com
*.arcaded.com
*.mail.arcaded.com
asset-trak.com
*.asset-trak.com
cosmetology-certification861618.icu
*.cosmetology-certification861618.icu
elumia.cfd
*.elumia.cfd
eoesymptomsinadultseohilia960707.icu
*.eoesymptomsinadultseohilia960707.icu
i-wedding.com
*.i-wedding.com
*.remote.i-wedding.com
installs.com.au
*.installs.com.au
karasuma.com
*.karasuma.com
*.ssl.karasuma.com
labtempmonitoring653756.icu
*.labtempmonitoring653756.icu
manager-connectvpn.info
*.manager-connectvpn.info
masterhandcarwash.com.au
*.masterhandcarwash.com.au
maxbliss.net
*.maxbliss.net
miningpower.pro
*.miningpower.pro
morningstarmarketplace.com
*.morningstarmarketplace.com
orthodonticmarketingagency.com
*.orthodonticmarketingagency.com
plasticlaminate257140.icu
*.plasticlaminate257140.icu
raygunclothing.com
*.raygunclothing.com
recruitment-agencies-usa.click
*.recruitment-agencies-usa.click
retainingwallsadelaide.com.au
*.retainingwallsadelaide.com.au
rgt300.com
*.rgt300.com
saltlakecityepoxy.com
*.saltlakecityepoxy.com
sellmyhousecashatlanta.com
*.sellmyhousecashatlanta.com
sellmyhousecashstlouis.com
*.sellmyhousecashstlouis.com
serviciosemot.online
*.serviciosemot.online
smokesativa.com
*.smokesativa.com
snoot.com.au
*.snoot.com.au
socialtraffic.cloud
*.socialtraffic.cloud
teeming.com.au
*.teeming.com.au
terminaldebuses.online
*.terminaldebuses.online
tfanqie.cc
*.tfanqie.cc
thesecoya.com
*.thesecoya.com
tienda.us
*.tienda.us
usedcar.au
*.usedcar.au
vegavixen.com
*.vegavixen.com
vermontcrypto.com
*.vermontcrypto.com
watertreatmentservices003180.icu
*.watertreatmentservices003180.icu
xivo.io
*.xivo.io
xn--7uvv04d7ha.com
*.xn--7uvv04d7ha.com
y2kwear.com
*.y2kwear.com
yatou.tw
*.yatou.tw
yknmks.academy
*.yknmks.academy
Other domains in certificate