Open
Cached
·
just now
77/100
SECURITY SCORE
Detected Technologies
Certificate Information
Subject
CN=sphn.io
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
April 24, 2026
Valid Until
July 23, 2026
73 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
DE:11:EA:78:08:1E:09:3C:D0:8F:36:02:5D:F5:D9:7F:70:1E:0D:BA:4D:A0:B1:6A:48:92:39:EE:E6:85:65:40
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
site.omnivers.dev
www.02-2614-2222.com
501digital.de
www.a1e.io
adrex.ai
wishlister.alexcrow.dev
asistirbellville.com.ar
www.atamawari.com
bebe-name.site
partner.bgood.co.kr
burritotikkamasala.com
www.cn2x.com.br
invite.coolplay.io
auth.costshare.at
demo.mapalytics.datamachina.com.br
www.deiselimastudio.com.br
www.devdev-tools.com
deviatedelight.events
digione.city
dnametal.mx
dswenlinea.com
edgemark.co.in
www.elorank.me
startup.enaqd.exchange
cleaners.facilitycleaners.co.uk
fitit.ai
intake.fluxon.io
galuxurypack.com
goingtools.com
vote.goodylabs.com
admin.guidekaspro.com
hearme.tech
horaizon.co.uk
humanitycharitabletrust.org
indigostuff.com
innovaintec.com
insuremypev.com
prodaq.intecnik.com.br
it-entreprenorerna.se
james-foreman.com
www.janvigupta.in
auth.jinnify.ai
network.jopit.com.ar
xapr.jwitt.me
karin-wilhelmer-physio.at
legatismigrare.com
www.legatismigrare.com
www.logixplore.online
atlas.luminaeprimegroup.com
maidanarte-py.uk
www.maidanarte-py.uk
managementbyconcept.com
menez.io
www.mersi.money
mincom.io.kr
mominur.com
mrkphotography.eu
www.nagroda.eu
vegas.nanks.com
auth.netusall.com
design.nexaproducts.eu
say-cheese-pizza.nextorder.com
www.novaxon.com
oufouq-tawjih.com
www.oufouq-tawjih.com
phenixtec.site
www.pickuick.eu
prokop-werner.cz
clickaway.promo.com.gr
app.quizzard.gr
dashboard.rapiauto.com.mx
realitysync.io
falke.reepco.dk
relentless-club.com
status.revas.org
tag.ryanatevstudios.com
www.sandhikala.com.ar
satyajit.me
scompany.hu
ryan.silber.games
somnius.io
sphn.io
www.stadens.co.za
steemblr.com
bodaabigailyelvin.swanmoments.lat
bodabeatrizyrodolfo.swanmoments.lat
www.tamatafresh.com
timer.teabee.org
epoch.theboringtools.com
theboringtools.com
www.thesolutionpoint.in
www.torchpicks.com
admin.umoja1boda.online
inspection1.dl.firebase.google.services.intranet.unpaidworks.com
integration.upoint.mn
vacanzeromanesrls.com
www.photo.vyeron.com
wrb.com.ua
app-link.xplant.co.kr
monitor.zense.online
Other domains in certificate