Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=www.somabookstation.com
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
December 04, 2025
Valid Until
March 04, 2026
85 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
C0:53:0D:B9:15:DA:59:F5:14:6A:9F:E1:99:1A:43:20:1F:6B:AE:16:D4:C0:81:8A:6C:21:85:B5:C8:BD:0D:2E
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
partner-web.easykas.eu
blog.2ki.jp
72orionx.com
auth.ai-apps.store
www.alineprato.com.br
alolaproperties.com
appdelocio.es
apsandsapsandsapsands.online
onboard.astriadigital.com
bizappinc.click
bluhorizonllp.com
www.breadverse.io
breakinghabits.nl
routemanager.camigoapp.com
shawarmilaokl.capromenu.com
app1.capslocksupply.com
caradalp.fr
www.cayden.games
nhl-map.celtian.eu
krispykream.clau.io
www.matzlema.co.il
drventura.com.do
www.3gem.com.sg
test.softek.com.tw
app.contentoh.com
www.coredelivery.tech
fit-tracker.cschmitt.eu
dicodingin.com
resto.dihola.uy
www.e2mholidays.com
www.faluche.app
links-dev.fjor.health
www.forecastweather.co
fresquinho.com.br
www.fulldeals.in
io.gdgbaku.az
admin.gokey.tw
www.gokey.tw
habermacheraurelien.com
altona1.headraft.de
theme-builder.holtsmark.org
habitaprov-sjc.credito.ia.br
datvan.id.vn
indowavehomeinteriors.in
borastapeter-prod.web.innotactsoftware.com
app.intellicubix.com
jananipublicschool.in
jcprieto.es
www.jcprieto.es
jeppefrimann.dk
delivery.kaikosushihouse.com.br
www.awesome.kesug.com
kindeep.ca
www.koreanacorn.com
jornadasinnovacion.liidutpl.ec
www.lukeandlizzy2023.ca
www.luqmansaeed.com
macnchaos.in
makeelectronicsound.com
www.makex.studio
midhunkjayan.site
svenskamaklarhuset.demo.movello.se
www.mtc-cyber.com
pizza.notprometey.pro
novora.dev
www.ejin.or.kr
budgetguide.pannaedu.org
api.pielchinita.com
www.free-stock-search.pixelsucht.net
quizcv.com
radioapp.radiosa.biz
radiusfriend.com
renovatewell.com
rkmgrain.com
rootionary.website
roshika.in
sanviapps.com
mhos.sensure.in
simonaertsportfolio.com
www.somabookstation.com
storez.store
wed.sunilgudivada.dev
dealership.sweep.ie
www.products.payroll.swordnex.com
greetingcat.system-neco.com
app-staging.talk.bi
www.thrill-me.com
thuanloirubber.com
www.thuanloirubber.com
ioniclearner.tinklee.work
tix.tt
tollyhype.com
too-small.site
www.uiclap.bio
links.unoapp.io
www.vidfactory-ai.com
staging.wantage-markets.com
wgcvhoa.com
www.genrich.withorca.com
mta-sts.yukontec.com
Other domains in certificate