Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=librill.flocca.dev
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
September 23, 2025
Valid Until
December 22, 2025
37 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
61:7A:4D:9E:6B:FD:1F:D8:C1:E3:AE:CA:0E:7A:68:38:BF:C2:13:3B:3C:F4:19:87:B3:9C:2B:5E:D8:13:CC:07
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
app.iplugcrm.com
10point.ai
cms-test.29k.org
centralselling-test.3dcloud.io
invite-dev.3dmeet.com
4cgt.com
www.604drivingschool.com
functions.addclarity.net
adilquamar.com
app.appstake.net
arorahonda.com
artdillo.com
artisty.mn
booking.availify.no
bestonapps.com
bridgeplacements.in
www.bytecodex.com
c41app.com
network.at.calculatorhub.app
www.cheapsharedlicense.com
auth.cloud-series.com
clumsylamers.com
blog.clusterbeep.org
nvclub.magnolia.co.il
globalbridgeconnections.com.pa
alpha.link.consentio.co
darshans.me
dartball.co
www.dealflow.app
deceptiveai.in
demon.quest
digicolony.com
digitalvectorstudios.com
docdanko.com
www.dvac.tokyo
librill.flocca.dev
readingapp.gcpuniv.com
www.giyomugames.com
gonzaloarenasf.cl
www.guideme.ar
gsuite-integration.happeo.com
portal.hausvalet.ca
www.havensofhope.com
hi-va.com
www.idtconsultancy.com
www.igtb.app
imhere.page
plma.backend.in.th
ixii.app
www.jisspa.com
johannesengl.com
www.courseplanner.joshid.co.uk
www.juanfersubia.com
kajisa.com.co
kimaya.ai
liy4f.org
lokhelp.in
masuyo.nl
www.matthewsorrell.com
www.medibridgeworldwide.com
ytml.mergeconflict.tech
stage.mymoneytimeline.com
www.myremoteday.com
numarg.xyz
numxlator.com
iba.optadata-innovationlab.de
www.ovenbits.com
paraclimbing.be
pariwartangriha.com
dwg.pathadvice.ai
patrickmbarker.com
www.picsrch.com
www.planikun.com
write.popsmartkids.com
pos-itivo.com
www.probilliard.club
app.prosupervise.com
raheenns.net
share-journey.routica.com
www.ruapeakstech.com
staging.schemes.sg
www.shambhala-transition.org
snapklik.ca
admin.soft.events
solidsws.com
www.soundgen.app
trekanten.stangeland.app
station426.com
stockgenie.co
dashboard.swift-menu.app
dev2.tbdoc.jp
tellmebriefly.app
people.tickbird.com
alpha-stage.truckstop.com
velicham.org
beheer.vitaellis.nl
www.winquist.ca
matix.x123.in
xaltruist.com
zincir.app
Other domains in certificate