Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=links.xword.co.il
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
October 09, 2025
Valid Until
January 07, 2026
56 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
01:64:45:6A:07:02:33:0A:B0:71:11:4F:B9:9A:0A:F8:87:CA:B2:A6:01:21:2C:FF:E7:0C:78:32:5B:C1:54:DC
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
4tsuboshi.com
www.1saurabh.com
akerboom.me
app.aks2tal.com
www.alexbenzer.com
m.amajgroup.com
amyandnick.wedding
aniruddhapremsagara.com
www.antar.chat
aptitude-labs.com
l.ayushgoyal.dev
www.beta7.at
www.bitsboxcms.com
www.dev.mijn.bobdebot.nl
boris-admin.de
boveda.ai
lagarza.bracelit.es
larebotica.bracelit.es
www.buji.tech
pro.caresend.co
www.claytonstateevents.com
links.xword.co.il
cocomptoir.com
about.codearmy.dev
multibrandprints.com.ng
www.dotjobs.org
bridge.drpjl.com
elleaptech.com
emplution.ch
stage-login-v2.emporix.io
envoie.email
121mcs.equiem.mobi
estudiokoraju.com
everlove.uk
fantasygoldgh.com
app-staging.fedgrants.ai
www.festfrwrd.dev
dashtest.firstposter.in
fredhamer.com
glopronet.ca
gndrv.com
goldschmiede-ammersee.de
hmds.li
www.ihui.ink
invoicehub.co
hydra.ivan.digital
admin.jdtpoly.com
sample.jee.rs
notes.jjc1138.net
www.jobayerislam.com
premium.justlorry.com
functions.kayali.dev
www.kegelstreams.com
kilometridicolori.com
go.kxlabs.net
lachispa.lapieza.io
learnwatchgo.com
logopedielievemutton.be
invite.loyalosystem.com
luismagana.work
magicword.cc
photos.maheshd.com
dev.admin.mamava.com
base.mergevr.com
mojo-dating.com
mothercareservice.com
kaiser-app.murallink.com
dev.mymoneytimeline.com
firebase.nejdr.cz
dust.nekvinda.net
novamarbleandgranite.com.au
app.nudgegram.com
boname-gerling-quartier.web.operate-app.com
www.patelkevin.com
pmrealty-group.com
www.prisoner.com
restaurant-paros-echt.nl
sailingbeluga.de
www.sangsundatalogics.com
seattletolls.com
www.sertony.ru
ghana.smartlegaldoc.eu
relookyourkitchen-app.speakylink.com
www.sportall.tv
rtm.sprpic.com
quiz.sqre.io
link.sssem.ninja
stockparliament.com
contenzioso.studioramuglia.it
syzygy.solutions
thedantas.com
console.themonkprotocol.org
artlarosa.thetislive.com
ales.tomcal.cz
www.toonsi.tn
www.tredco.dk
www.turnverein.app
virtualnivia.com
voix.cc
app.wearepicky.com
Other domains in certificate