Open
Cached
·
just now
80/100
SECURITY SCORE
Certificate Information
Subject
CN=upload.lifefyt.com
Issuer
C=US, O=Let's Encrypt, CN=R13
Valid From
December 19, 2025
Valid Until
March 19, 2026
63 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
3A:2E:B0:7B:E2:46:5B:DA:97:43:B8:50:62:75:56:8A:78:37:12:2E:AC:C6:BF:C5:01:FC:78:3C:75:24:D5:19
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Good
SAMEORIGIN
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
store.wpdeveloper.com
www.airportweather.app
aleriaentertainment.com
allemb.racing
bicknese.nl
bideal-app.com
keepme.brandex.global
brassband.app
vex.bren.app
brush.ninja
bazaar-dweb-next.bukalapak.design
savitar.careandshare.vn
cjoy.io
www.cjoy.io
sv-test.colleen.ai
app.confiseriedubonheur.com
corarea.com
www.corecomsystems.com
www.cutmp3.online
beta.deephow.ai
deephow.ai
dev-labs.deephow.ai
dev1.deephow.ai
www.deephow.ai
test.deutsche-finance.de
secret.dsserv.de
www.eldrly.ch
portal.elogbook.co.nz
biblio.encadyma.com
invest.everpesa.com
floodzone.nyc
bcot-dashboard.flotilla.app
console-dashboard.flotilla.app
flotilla.app
inciting.flotilla.app
funwa.co
piratepop.games235.com
today.getgreg.app
app.groupphoto.com
beta-demo.grouptrackcrm.com
subscriptions.grouptrackcrm.com
hexed.it
minutereporter.ideageek.net
dr.infoinfo.tw
web-c.ipumon.net
jcu.app
develop.jurapp.com.co
www.kawser.org
ladlympics.co.uk
upload.lifefyt.com
losprismas.com
mattpott.co.uk
www.mattpott.co.uk
mediameeting.tech
foto.mikaturk.nl
www.miurac.com
mrlgx.com
api-dev.paimon.app
auth.paimon.app
dev.paimon.app
www.passgen.net
personalfi.app
www.photoboost.app
game.pien.club
playlevel.fun
proustquestions.com
app.questfeed.com
ecohouse.raxsade.com
raxsade.com
contratar-stg.reppara.com.br
stg.reppara.com.br
business.reservation.studio
flexicap-baxter.dep.rosepetal.ai
connect-ng-carrier-recurring-lane.rxoconnecthf.rxo.com
auth.sankeydiagram.ai
app.sellersflow.com.br
app.sistemapallas.com.br
ticket.smartselling.com.ar
blog.smoulasoutez.cz
statistiky.smoulasoutez.cz
cornoallescale.snowitexperience.com
stephanie.ai
auth.storyprompt.com
home-env.tamanishi.net
tcrcommunity.com
manager.timesloth.io
preprod-assets.topsurveyspot.com
firebase.treetop.to
firebase1995.treetop.to
test.treetop.to
www.ultratech7wonders.com
www.veasybl.io
demo.verifymy.id
whenly.online
xn--bn-5bc2248n.wonderlutz.com
xn--fysioterapeuttilhellsi-g5be.fi
xn--mcahiddayan-thb.com
xn--ravintolavlitys-9kb.fi
www.yew.rs
yodhahospitals.com
Other domains in certificate