Open
Cached
·
10h ago
77/100
SECURITY SCORE
Detected Technologies
Certificate Information
Subject
CN=carlosphoto.cz
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
March 17, 2026
Valid Until
June 15, 2026
49 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
92:26:BA:0F:C2:5B:AE:23:59:BD:9C:82:9B:6D:91:1C:AB:58:22:84:3C:7F:DC:FE:39:A0:D5:B0:77:97:D7:B0
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
www.lyenter.com
untifo.253below.com
www.web.2value.ro
new.adamtsaidev.com
www.adminflex.com.br
freja.devel.agriopt.se
qcc.alexis-ostermann.fr
algoritme.net
www.allah1.cloud
alliancefreightsolutions.com
www.anymos.co.kr
sjd.apmam.com.br
applog.app.br
www.athresher.com
www.beezai.eu
feedback.belsemerch.com
ubbrugby.deeplinks.bfansports.com
bimfort.com
institucionalprimme.biomo.com.br
www.bitcoincash.social
app.boostra.store
bpurplehq.org
carlosphoto.cz
plataforma.cdtbrasil.com.br
www.cfo.chat
chakka.eu
presupuesto.chiswicatering.uy
coach.coachreferee.com
mileagetracker.codestream.co.za
link.dev-cs2.comsuite.jp
adm.condominiosaojoaquim.net
www.consealsecurity.com
costamaigaard.dk
app.courmaebike.it
talarmedical.curagentic.ai
disimprove.com
pda.vac.e-ceos.com.br
obskur.earthquake-audio.co.za
api.garrison-idle.com
firebase.gregmoy.com
site.akadirhosting.gt.tc
helmersendigitalsolutions.no
app.integrai360.com
intnewswire.com
factof.iteration.mx
fashion.itpandit.com
hrm.itpandit.com
itppos.itpandit.com
itpscs.itpandit.com
itpsms.itpandit.com
mbbs.itpandit.com
auth.iwannapark.eu
www.kirablvm.cl
kodexlogos.com.br
kse.life
lucileansart.fr
www.lucileansart.fr
mix.mainact.app
malcatecoin.com.br
mediasmaaktest.nl
en-qa.memberhub.de
meroedu.com
milebypjx.se
moolamath.com
smartdoc.neurapartner.com.br
www.overyonderonthecape.com
phuongthaogaming.io.vn
bio.pmuc.or.th
pstsshippingservices.com
remindmed.es
qa.riffbox.app
salescrm.runsentry.com
store.saapapael.ee
sableinvest.com
www.samahasaleh.com
sansachun.me
sevkatiyegunesanaokulu.com.tr
shopgrid.co.uk
sikkimhighvisionrealestate.in
bocian.smartlegaldoc.eu
softixa.tech
recette-auth.speakylink.com
soporte.sports-tupartido.com
tecno-galpoes.com.br
tempbutton.com
jsocial.thomasgrivet.fr
tikkaburrito.com
crm.toolrides.com
admin.topformaturas.com.br
app.truarm.com
tukangweb.xyz
privacy.tuscutilities.com
app.twpartners-llc.com
villa-ines-mallorca.com
www.villa-ines-mallorca.com
www.vypiszevidenceexekuci.cz
api.weatherteller.com
www.what-is-even-happening.com
admin.wrdz.app
id.zsombii.com
Other domains in certificate