Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=www.dilettante.lv
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
December 07, 2025
Valid Until
March 07, 2026
87 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
C4:F7:A3:98:4A:4A:EF:E5:C7:86:B3:AB:3C:87:52:A6:E0:2F:89:15:25:D3:A1:73:30:2B:78:84:C7:03:0A:F4
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
pathfinder.nextit.be
www.acg.hn
c.activ.kz
shera.aimcomely.com
www.angelapastorinteriorismo.com
staging.awesometechstack.com
rad.bambu-mobile.com
wordrush.barenboim.org
links.batchii.com
bilalmasjid.net
samplestorage.binsto.com
bizcatpro.com
varanexus.cancanyou.com
waste.collecta.africa
niko-intendente.capiata.com.py
educadoras.contigojuegoyaprendo.cl
www.covingtonchiropractic.net
www.daunao.com
portal.ovn.devserver.cc
www.dilettante.lv
www.dorrells.org
offers.doukani.com
dryoga108.com
www.edelsah.com
serviciosescolares.effj.mx
staging.egab.co
mes.empirich.com
eren.enpoi.com
my.foleon.com
a07n.foodle.su
www.foodrestos.de
gateway-english.com
admin-staging.getmobly.com
griess.io
www.habitcrew.co.uk
hallmark-ai.com
hipoia.com.br
www.infitio.in
library.preview.inne.io
qa-rappi.inter.mx
www.interviewme.co.za
phucanangia.io.vn
irilleum.com
dev-l.jcuapp.com
www.beauty.jimba.cloud
www.juancruzpereyra.com
www.kilocharlie.uk
lippie-ahh.site
www.loanwolf.club
dev.lobbyspace.me
www.logitrix.net
www.ltdbroadband.net
michang.m1studio.co
www.mariappchi.mx
www.mayimspa.com
pos.landing.sell.millionsolutions.dev
esta.mmtr.jp
msts-hp.com
red.mysprout.cloud
na2.site
www.neurekalab.es
norththird.io
rffm.novanetlive.com
assess.dev.nside.io
nsjaisoor.com
onionknightlab.com
peach-app.io
polyvalent.co.uk
market.popcorp.org
power.com.br
www.pulsescientific.in
my.rebalancetech.com
www.redballoon.it
www.religionportal.org
lcinterviewer.rotec.dev
www.royalreelz.com
www.rudaina.org
www.scandle.net
www.securetix.app
seeimpacts.app
evault.sensa.solutions
parents.sentral.com.au
telestroke-hospital.sevaro.com
slemio.com
slikarskiatelje.rs
icndy8pidlpxypfpfuji.smartimob.io
ember-utils-react-sandbox.staffshift.com
www.stylemo.me
www.sunphysiotherapyclinic.com
tannens.camp
manna.tellstories.xyz
thedevteam.io
event-test.tixologi.com
www.topnotchservices.in
www.vettools.pl
activate.webstollen.de
etsy.williambayona.com
wolfs-ritterorden.de
www.worldbuildinggenerators.com
zizy.io
Other domains in certificate