Open
Cached
·
just now
80/100
SECURITY SCORE
Certificate Information
Subject
CN=lionita.ro
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
November 27, 2025
Valid Until
February 25, 2026
87 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
94:A4:1E:2E:00:D1:59:69:58:99:2F:DC:84:FB:D4:32:82:2F:E1:5A:C9:37:0B:03:AC:02:70:62:34:FD:9B:97
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Missing
Not configured
Content-Security-Policy
Basic
script-src; object-src; base-uri; +3 more
script-src 'report-sample' 'nonce-z1xXId7-5uPdED_jqygP6Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/DurableDeepLinkUi/cspreport;worker-src 'self',require-trusted-types-for 'script';report-uri /_/DurableDeepLinkUi/cspreport
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Present
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
Recommendations
- • Add Strict-Transport-Security header with max-age of at least 1 year
- • Improve CSP by adding more specific directives and removing 'unsafe-inline'
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
links.knowable.fyi
3ddesigningshop.com
console-dev.dooh.adasiaholdings.com
www.alexandre-paradis.ca
web.apppersonalfit.com.br
www.product.autoformsai.com
autonlp.ai
babyancestry.com
staging.team.bbcmaestro.com
bearybestrealty.com
better-self.me
boathouse.group
app.bookfocal.com
boots.nl
bpwoerden.nl
byupro.com
byuproject.com
casa-h.com
certifast.es
play.cervonwong.com
chandaluri.com
cube.chronotope.io
pocket.co.id
music.cornel.su
creativebytecrafters.com
anandayphoto.docchula.com
dwwelding.llc
dx-factory.jp
www.edgar-dias.eu
url.up.edu.mx
eeshahospital.com
app.eintrade.eu
chevron.elsa.sg
gtag.emptyobjects.com
www.esgpeixun.com
www.freshfeet.org
www.getcallrecorder.com
www.giancarlolamberti.cz
builder.globaldevhubs.com
softnest.globaldevhubs.com
admin.graduategowning.co.uk
grafeny.com
hottake-ranked.harivardhineedi.com
app.high-d.kr
journestra.com
snkgcounter.jovdev.com
nfc-test.kitsbetter.com
tag-test.kitsbetter.com
tax.landonmayo.com
taxapp.landonmayo.com
www.lanubegranada.com
lindtafterretail.fr
lionita.ro
www.livingroupinvest.com
www.lorenaguartazaca.com
huawei.maglo.co.uk
www.maridalsveien160.no
marvelrecruits.com
www.marvelrecruits.com
meal-gen.com
medicairsystems.com
mgruszecki.com
boggle.morganengel.com
muscleauditor.com
www.mwstudioprojektowe.pl
mylumierehotel.com
game.neowake.de
bunko.newmaison.jp
premium.oechsle.pe
oliviawhale.com
www.opensio.com
pilotsloungepro.com
glmpromotora.presen.ca
primelistings.in
www.pro-debarras-marseille.fr
rafayshah.com
app.recall.wiki
receiptsheet.com
www.rolfverschuuren.nl
samabbott.me
www.sisnordbau.com
spiremaritime.com
www.startech-digital.com
staypg.in
healthcare.supertails.com
www.superzookelsti.dk
l.swisschemgas.com
tecpulse.pe
pay.teeku.net
thewinterborne.com
ship.thinkflow.ai
web.timer.watch
app.tpqrcouriers.com
vibeotter.dev
vijaythedeveloper.in
www.worldl.io
wrozga.com
test.yah.ac
ybdt.ee
yunacaba.com
Other domains in certificate