Open
Cached
·
just now
88/100
SECURITY SCORE
Certificate Information
Subject
CN=fyno.com
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
October 28, 2025
Valid Until
January 27, 2026
55 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
C3:62:04:F7:46:E4:39:09:C8:01:AD:25:E0:98:EE:61:95:CA:83:5C:99:B5:11:D7:D2:1B:9E:C9:BF:48:B4:AA
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31536000
Content-Security-Policy
Good
default-src; connect-src; script-src; +9 more
default-src 'none'; connect-src 'self' *.licdn.com *.linkedin.com cdn.linkedin.oribi.io dpm.demdex.net/id lnkd.demdex.net blob: accounts.google.com/gsi/ linkedin.sc.omtrdc.net/b/ss/ v.clarity.ms/collect *.microsoft.com *.adnxs.com *.tealiumiq.com login.microsoftonline.com bat.bing.com www.google.com google.com adservice.google.com pagead2.googlesyndication.com td.doubleclick.net www.googletagmanager.com www.googleadservices.com ad.doubleclick.net googleads.g.doubleclick.net; script-src 'report-sample' 'sha256-th47JTnh6tX15SUn/I+GGmsOSXpa7dh5Skner77gxlY=' 'sha256-SSoodjUD3LGm2FfFCVHGqEb8D4UM3OOigidT2UKDcYg=' 'sha256-cKTgdnmO6+hXd85a9wKg1effVfVzenUAtUCyOKY9bQE=' 'sha256-DwtT8+ZZKpxH9pqZNAmJ3GdbLAh5SsYaXR3omTXPCns=' 'sha256-sV9jZa797T0QWBzcU/CNd4tpBhTnh+TFdLnfjlitl28=' 'sha256-aa/Q8CRBDSqTQbCIyioPhZaz+G+dbPyu7BzsjInEmiU=' 'sha256-THuVhwbXPeTR0HszASqMOnIyxqEgvGyBwSPBKBF/iMc=' 'sha256-zTIusdVJJeXz9+iox2a+pdDglzbpRpFVRzEwvW4AONk=' 'sha256-iC8MPqNLw0FDnsBf4DlSkFLNTwhkI85aouiAEB819ic=' 'sha256-2EqrEvcPzl8c6/TSGVvaVMEe7lg700MAz/te4/3kTYY=' 'sha256-y5uW69VItKj51mcc7UD9qfptDVUqicZL+bItEpvVNDw=' 'sha256-DatsFGoJ8gFkzzxo47Ou76WZ+3QBPOQHtBu9p9b3DhA=' 'sha256-k95cyM8gFgPziZe5VQ2IvJvBUVyd5zFt2CokIUwqdHE=' 'sha256-PyCXNcEkzRWqbiNr087fizmiBBrq9O6GGD8eV3P09Ik=' 'sha256-RFqsjmAF1N5LnfpaHFvPqFlVkeIS/DtTAFor+JjJJVc=' 'sha256-2SQ55Erm3CPCb+k03EpNxU9bdV3XL9TnVTriDs7INZ4=' 'sha256-S/KSPe186K/1B0JEjbIXcCdpB97krdzX05S+dHnQjUs=' 'sha256-9pXOIwF4N0gPltLd3AI69lkCjSC2H/Eb3sc5zdmUyYU=' 'sha256-jou6v/Nleyzoc+LXktAv1Fp8M807dVVxy7E/yzVljHc=' 'sha256-6E4e/3dSvj/8JZT2S2yR91mspqM6MyOpKl5lrhHsZa8=' 'sha256-JfJ82reKxtqugVbfRGw/O/1x1Lm1I09rHueXSwvbRws=' 'sha256-BbV1i75oYRtLtfDWs7tnA8QLF5EOO1dVHKL0prVd/fQ=' 'sha256-3woF8BZ54TeXM+czaH3aXoaJsVpiamuAKFsXDykAR/Q=' 'sha256-vIfNcKb8ixJg1cfJIoNNYjWcm0lezj1/XpUNFiZyVsU=' 'sha256-cLsHUHFgT/VGX04cZrJ9xgm4HbzTR7ptutkxK+7BlMk=' 'sha256-BwU8jMnQYUhjOpsDVABpfddV/DlP1ZYrFcTumYw7x54=' 'sha256-wz6ika9i3WU3bpUPdhYDZeO/NrDQniDyiscN0LWnyaY=' 'sha256-3RIGhhApBii1KY+aW1xk7kFyoQY8vSVE5DfT7E9SJUc=' static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com platform.linkedin.com platform-akam.linkedin.com platform-ecst.linkedin.com platform-azur.linkedin.com snap.licdn.com www.google.com/recaptcha/enterprise.js www.gstatic.com/recaptcha/releases/ www.googletagmanager.com/gtag/js www.googleadservices.com/pagead/ www.google.com/pagead/ googleads.g.doubleclick.net/pagead/ adservice.google.com/pagead/ pagead2.googlesyndication.com/pagead/ www.googletagmanager.com/gtag/destination merchantpool1.linkedin.com/mdt.js; img-src data: blob: * android-webview-video-poster:; font-src data: *; style-src 'self' 'unsafe-inline' static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com; media-src 'self' *.licdn.com *.lynda.com; worker-src 'self' blob: static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com; frame-src 'self' www.youtube.com/embed/ www.youtube-nocookie.com/embed/ lnkd.demdex.net smartlock.google.com accounts.google.com player.vimeo.com *.linkedin.com www.slideshare.net *.megaphone.fm *.omny.fm *.sounder.fm msit.powerbi.com app.powerbi.com linkedin.github.io *.licdn.com *.adnxs.com acdn.adnxs-simple.com radar.cedexis.com edge-auth.microsoft.com flo.uri.sh play.vidyard.com www.google.com/recaptcha/ *.fls.doubleclick.net www.googletagmanager.com td.doubleclick.net li.protechts.net *.xlgmedia.com *.px-cloud.net merchantpool1.linkedin.com; frame-ancestors 'self' *.www.linkedin.com:*; manifest-src 'self'; report-uri https://www.linkedin.com/security/csp?f=gg
X-Frame-Options
Good
sameorigin
X-Content-Type-Options
Good
nosniff
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Strengthen CSP by removing 'unsafe-eval'
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
lukesw.net
22d.link
order.thedeliauburn.3bapps.com
a-plustech.co.uk
on.ambarmemories.com
amcmikro.hu
animetic-anthemic.net
math.aquibm.com
copihuedeoro.ar13.cl
attipas.hk
jtv.basketballireland.tv
catalogo.bindimport.com
links.blend.to
www.boratltd.com
www.brooksidequant.com
chiribogabros.com
coyo.clau.io
cloudlesstech.cl
ftp.finance.co.bw
colimatch.com
www.gautamarjun.com.np
tickets.contentoh.com
dietitiansuparna.com
digitetti.it
discord.docsoc.co.uk
math.stage.doodlelearning-us.com
olympics.dream-more.kr
schoolrukmani.edu.in
www.eol-sets.com
exclusiveprs.info
explorabox.org
ezfire.us
docs.finitechat.com
www.fourteenseventeen.com
frenchlinguisticsinstitute.ca
www.fretsandkeys.xyz
fyno.com
tools.gardenfrutta.it
www.genuine.fan
getuff.com
www.greensmarketingsolutions.com
team.hey-smiley.com
www.holsain.com
www.hpps-uk.com
iamjosiah.cl
www.itnry.com
www.jdsspiffycleaners.co.nz
www.jobzogo.com
kuraflix.com
lagloriaesdelsenor.com
learnaihub.ai
rastreo.logismad.com.mx
imanager.lshub.net
auth-dev.magoo.app
www.marktheiii.com
html.maxentwickler.site
metalurgicaemsalvador.com.br
dev.mlaw.ai
www.mphcassociation.ca
www.mslb-intellisoft.co.za
dynamic-links-prod.my-neighbours.com
www.nathandrichard.com
www.odchazejici-zeleznice.cz
test.orbiedtech.app
pancakehat.dev
www.philipmathen.de
www.philippgerber.li
www.radiotiempodedios.cl
raunak.me
auth.relative-ci.com
rstadvisors.in
saibeauty.com
international.semac.app
content.serpact.com
serranoburger.com.br
siyamcapital.com
www.spinthewheel.io
srignanitsolutions.co.uk
sterlinglutheranalaska.org
syzygy.lol
app.alpha.tara.ai
tekohana.com
www.texttoimage.io
thewip.work
tiny.gifts
pf3.tradeville.ro
traversoft.com
www.travisdockery.com
marketing.trgfiduciary.com
tshilidzi.dev
superapi.tuoferta.cl
app.turfcloud.com
www.useboomerang.dev
verse-bid.com
backoffice.vodium.com
app.warningtemperature.health
nightly.worldwidegeneration.co
beta.youtabox.com
ava3.yunastudio.it
zaramobils.com
Other domains in certificate