Security Score: 76/100
Certificate Information
Subject: CN=exbook.app
Issuer: C=US, O=Let's Encrypt, CN=YR1
Valid From: June 04, 2026
Valid Until: September 02, 2026 (71 days)
Public Key: RSA, 4096 bit (Strong)
Signature Algorithm: SHA256-RSA
SHA-256 Fingerprint: 3C:4F:DB:EF:68:C8:7D:DC:CD:A8:6E:5D:03:D6:0D:AE:A5:F7:DA:0B:AB:AD:56:18:6E:69:49:08:60:9F:9C:29
Security Configuration
TLS Protocols: TLS 1.2, TLS 1.3
Forward Secrecy: Supported (Modern clients use PFS)
HTTP Security Headers
Strict-Transport-Security: Missing (Not configured)
X-Frame-Options: Missing (Not configured)
X-Content-Type-Options: Missing (Not configured)
Referrer-Policy: Missing (Not configured)
Permissions-Policy: Missing (Not configured)
Recommendations
- Add Strict-Transport-Security header with max-age of at least 1 year
- Add Content-Security-Policy header to prevent XSS attacks
- Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- Add X-Content-Type-Options: nosniff
- Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records: Not Configured (Any CA can issue certificates)
CAA Issues
- No CAA records configured - any CA can issue certificates
Recommendations
- Implement CAA records to restrict which CAs can issue certificates for your domain
- This adds an extra layer of security against unauthorized certificate issuance
- Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
90 domains