Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=www.photo-mate.app
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
October 24, 2025
Valid Until
January 23, 2026
69 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
98:1A:BE:2C:DC:BA:F6:96:45:70:73:11:AE:AF:29:E3:6D:2E:E0:29:C1:9F:5B:7E:3D:B5:2E:B8:7B:F4:2E:5D
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
plus-ins.net
www.agenciaatr.com
aiproconsulting.net
www.antandtracy.com
www.arpimakeover.com
tackilinc.av.tr
warehouse.avecor.fi
www.avnir-event.com
www.blazemotion.ai
www.triangula.bmgomg.com
blogbytes.borgbytehub.in
borgbytehub.in
www.borgbytehub.in
brainacademy.xyz
brie.dev
emilia.buler-forrest.se
flashcards.charlesli.com
pre.portfolio.citelogiq.com
casabruja.clau.io
origin-6dhovqcpzvwkmoh8khj6nmz984q-npc.collegeboard.org
scouting.coltech9059.org
copybara.org
covida.ch
blitzar.cycraft.co
rfidencoderdecoder.dataqtechnologies.com
web.debicheck.co.za
plataforma.decroly.com.br
www.delschad-issue-tracker.com
www.drharkawal.com
ureckon.uem.edu.in
www.ehlbdev.com
www.equhealth.org
app.test.fitenment.com
www.fjelltopper.no
www.flowject.hu
app.frbimoveisbr.com.br
cdn.galaxymenu.xyz
gauravsaxena.tech
gemed.com
grow10x.com.au
cp.gyms.jp
www.heavenofwellness.eu
hendyhuang.site
recruitment.heterl0.live
www.hkf-company.com
https-to-firebase.horo.jp
dcanvas.imagineit.cc
nursingclasses.indiandevelopers.org
admin.infusioncenter.org
integradehub.com
jonathan-dennis.co.uk
link.jumbotail.com
klikdieng.id
lantsea.net
www.lapointeducul.fr
leenk.site
www.lekegashi.com
www.lilypads.cc
lorinformer.com
myworkspace.luctatu.fr
sistema.marketingdigital7.com
octavo.matthewlee.xyz
mcpe.org
meditandocomdeus.org
mivcast.com.br
www.neal-consent-to-join.com
pic-jackpot50.mentor-stage.neccton.com
operadores.nhecotech.com
nianfish.com
tiruvallur.onewaydroptaxi.co
landing.pcm-tools.nl
kenko.pedidomovil.es
www.photo-mate.app
app-staging.playplanetx.com
project-assistant-ai.com
psychoanalysis.melbourne
rallyperu.com
app.renaissanceclub.net
www.reyanshmishra.com
santa.samcarlin.one
online-ms-office.sivasoft.in
sky-lt.com
anchor-zero.solerabank.com
app.spicemissile.com
appointment.staffordholisticcounseling.com
w.suiso.info
tavron.net
www.themedics.co.za
thestoneshop-eg.com
borg.thought.center
turtleneck.io
www.villasabine.com
www.when.hockey
dev.wowe.link
wrsystems.com.br
xlntventures.net
ydsmaster.com
yeahlife.com
hub.yojung.com
app.yuno.immo
Other domains in certificate