Open
Cached
·
1m ago
77/100
SECURITY SCORE
Certificate Information
Subject
CN=yoxla.istedad21.edu.az
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
October 29, 2025
Valid Until
January 27, 2026
68 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
6E:72:E1:25:37:86:4F:D4:B7:25:70:3F:9C:4E:C6:23:09:CC:95:ED:0B:B2:87:52:1A:1D:EB:62:B1:C9:29:BE
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
bondhu-bangladesh.de
www.a1-talent.com
aeternitastower.com
www.agroavanco.com.br
links.alokation.com
admin.demo2.anyware.software
cm.arbotanicgarden.com
babiesfamclub.com
betrieb-zu-haben.at
biketracker.ovh
www.book-keeping.net
app.bookmytables.com
brainbuzzquiz.com
app.broms.nu
bubblewaffle.co.za
www.buteartretreat.co.uk
cleverbraingames.com
cmsxpert.com
cupontour.com
auth.alegeus.cyberhaven.io
darrylday.ca
store.dawn.ad
dictation.io
skatteetaten.digiclass.no
privacy.digitalliberia.com
www.frame.duurzaamwonenbon.nl
assets.edlin.app
yoxla.istedad21.edu.az
www2.euro2006.net
devapp.fan.ai
api.public.fibi.works
flowguard.im
www.fluentcontrol.com
fortunepandaadmin.online
blog.grikk.co.jp
lp.hateomim.com
shapenessadmin.hosand.it
lephuchung20215276.id.vn
www.instaduuka.com
www.it-lab.su
myappwork.jchpham.com.au
jgmbusinessgroup.com
www.jimmytang.dev
jplanzoni.com.br
www.ka-ching.dk
accounts.cloud.kabuku.io
app.knowhowee.cz
foodmood.kodista.ch
kubiq.me
www.lachambotte.com
latabisca.it
www.luntch.com
www.madchasselures.com
www.mayhemstreamsfarm.com
www.profissionais.meagenda.com.br
app.megabin.co.za
new-member.memberwizard.com.au
www.meninasdoceiras.com
milkywaystudio.ca
www.namathutamil.com
auth.nbx.com
www.neuro-sense.ai
bw-test.omf.com
exhibition.ortelia.com
www.paralleltraders.com
www.parveendev.in
www.paulovich.com
backoffice.diniz.peyess.com
piwu.io
po-engenharia.pt
www.prodoid.com
covid.riso.dev
rstechvation.in
schuldenhilfe-notruf.de
semillasdeamorquindio.org
shiko-inu.de
seller.pre.prod.shopcircuit.ai
www.sirfogg.cz
auth.solitairetot.com
omgr.staging.spiio.com
spzirepartners.com
privacy.stickyice.com
suzieli.dev
texid.eu
play.timepass.games
metabolic-madrid.timp.io
www.timyst.com
customer.tooweze.com
triple60.com
ead.turbineduca.com.br
welovecf.turnosweb.app
www.tv-nfts.com
tzonneke.be
www.udydiag.fr
admin.dev.usemason.com
staging.websler.pro
admin.wirolimo.com
zakat4u.zakatpahang.my
www.zobaze.com
zotasys.com.br
Other domains in certificate