Open
Cached
·
just now
76/100
SECURITY SCORE
Certificate Information
Subject
CN=thelatestnovels.com
Issuer
C=US, O=Let's Encrypt, CN=R12
Valid From
December 29, 2025
Valid Until
March 29, 2026
48 days
Public Key
RSA
4096 bit
Strong
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
8F:54:DC:EB:13:2B:A7:97:F9:DF:CA:00:23:2E:2B:CF:3B:D7:D6:65:A1:42:6B:DE:41:E6:90:E9:DE:6B:DC:96
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Missing
Not configured
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Add Strict-Transport-Security header with max-age of at least 1 year
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
74 domains
obsidiansting.com
*.obsidiansting.com
1stkissmamga.io
*.1stkissmamga.io
*.ww38.1stkissmamga.io
acrilicoturbo20.com
*.acrilicoturbo20.com
asrablog.com
*.asrablog.com
avery-vadis.com
*.avery-vadis.com
avortic.com
*.avortic.com
bedspreads.com.au
*.bedspreads.com.au
*.ww38.bedspreads.com.au
burungbangau.site
*.burungbangau.site
*.o4k6vj4xrmqv10br.burungbangau.site
danielson.au
*.danielson.au
*.ww38.danielson.au
dialect.com.au
*.dialect.com.au
*.ww38.dialect.com.au
digitalshoppe.store
*.digitalshoppe.store
*.ebooks.digitalshoppe.store
*.kids.digitalshoppe.store
*.medical.digitalshoppe.store
domainsforlease.com.au
*.domainsforlease.com.au
*.ww38.domainsforlease.com.au
drish.studio
*.drish.studio
*.ww38.drish.studio
fistingfist.com
*.fistingfist.com
genepla.net
*.genepla.net
*.ww38.genepla.net
honourcunninglowest.com
*.honourcunninglowest.com
kingofthecage.us
*.kingofthecage.us
*.pay.kingofthecage.us
kristyexo.com
*.kristyexo.com
*.com.lsd.au
lsd.au
*.lsd.au
savoybetting658.com
*.savoybetting658.com
slicechocolate.com
*.slicechocolate.com
*.ww38.slicechocolate.com
sport1.au
*.sport1.au
*.ww38.sport1.au
thelatestnovels.com
*.thelatestnovels.com
*.analytic.totalskips.com.au
*.superset.totalskips.com.au
totalskips.com.au
*.totalskips.com.au
tumbleobjectswedding.com
*.tumbleobjectswedding.com
vnmoney.info
*.vnmoney.info
*.ww25.vnmoney.info
*.www.vnmoney.info
*.ww38.xsc.au
xsc.au
*.xsc.au
Other domains in certificate