DNS Gurus
Cached · just now
76/100 SECURITY SCORE

Detected Technologies

See all in URL Inspect 1
Let's Encrypt logo Let's Encrypt

Certificate Information

Subject
CN=photmail.com
Issuer
C=US, O=Let's Encrypt, CN=R13
Valid From
May 06, 2026
Valid Until
August 04, 2026 77 days
Public Key
RSA 4096 bit Strong
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
DE:A0:C6:68:F0:CA:69:FC:26:46:3F:C2:9E:6A:CF:25:81:51:7D:94:47:51:51:56:69:3D:78:4E:D4:6F:9C:95
Alternative Names
89 domains

Security Configuration

TLS Protocols
TLS 1.2 TLS 1.3
Forward Secrecy
Supported (Modern clients use PFS)

HTTP Security Headers

Status
Strict-Transport-Security
Missing
Not configured
Content-Security-Policy
Missing
Not configured Analyze
Content-Security-Policy-Report-Only
Missing
Not configured Analyze
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
  • Add Strict-Transport-Security header with max-age of at least 1 year
  • Add Content-Security-Policy header to prevent XSS attacks
  • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
  • Add X-Content-Type-Options: nosniff
  • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
  • Consider adding Permissions-Policy to control browser features

CAA Records (Certificate Authority Authorization)

CAA Records
Not Configured (Any CA can issue certificates)
CAA Issues
  • No CAA records configured - any CA can issue certificates
Recommendations
  • Implement CAA records to restrict which CAs can issue certificates for your domain
  • This adds an extra layer of security against unauthorized certificate issuance
  • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
  • Consider adding 'iodef' record to receive security incident reports

Subject Alternative Names

89 domains
photmail.com *.photmail.com *.burgos.photmail.com *.c.photmail.com *.coilann.photmail.com *.comfelixj.photmail.com *.email.photmail.com *.essmann.photmail.com *.g.photmail.com *.h.photmail.com *.i.photmail.com *.interia.photmail.com *.k.photmail.com *.l.photmail.com *.m.photmail.com *.marco.photmail.com *.marianny.photmail.com *.pakinee3114.photmail.com *.qqnessa.photmail.com *.santanabovaca.photmail.com *.sapo.photmail.com *.wp.photmail.com *.zs.photmail.com

Other domains in certificate

ah9nt4s.shop *.ah9nt4s.shop
aifilmforge.shop *.aifilmforge.shop
amaravati.live *.amaravati.live
billyfootwearco.shop *.billyfootwearco.shop
bkmoroddye.net *.bkmoroddye.net
blominbrands.com *.blominbrands.com *.ww25.blominbrands.com
btanru.shop *.btanru.shop
bymt46.buzz *.bymt46.buzz
celebhale.shop *.celebhale.shop
cheezepizza.shop *.cheezepizza.shop
chromeheartsjewelry.shop *.chromeheartsjewelry.shop
clivishait.shop *.clivishait.shop
doitooldelights.shop *.doitooldelights.shop
dy0825.com *.dy0825.com *.ww17.dy0825.com
fgjrlucy.shop *.fgjrlucy.shop
goyio.shop *.goyio.shop
h147drewa.life *.h147drewa.life
igourmet.shop *.igourmet.shop
mytopliving.shop *.mytopliving.shop
nepenthe.shop *.nepenthe.shop *.preprod.nepenthe.shop *.random.nepenthe.shop *.webmail.nepenthe.shop *.ww38.nepenthe.shop
*.hxxyz1.onbzdxzr.me *.hymyz1.onbzdxzr.me onbzdxzr.me *.onbzdxzr.me
*.h5.quantumx-ex.com quantumx-ex.com *.quantumx-ex.com
serendipityroad.shop *.serendipityroad.shop
shopgrillcollection.shop *.shopgrillcollection.shop
speededwhiners.shop *.speededwhiners.shop
sungmorgarden.shop *.sungmorgarden.shop
*.9fzeg5r2km.thevelvetsession.club thevelvetsession.club *.thevelvetsession.club
tianxiabuwen.com *.tianxiabuwen.com