Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=resource.nicebooks.net
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
December 20, 2025
Valid Until
March 20, 2026
84 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
9C:01:1F:3C:DE:26:45:A0:1D:16:6D:1B:FA:45:A4:F3:96:5C:5F:32:24:6D:59:1C:A1:4B:01:6A:5E:06:EE:4A
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
pdf.uddl.ca
aarinjasikumar.com
www.aaronmarquis.com
sandbox.activelymike.com
alertfires.com
cross-switch.alias-solutions.net
anchorworkforcesolutions.co.uk
www.apronnotes.com
arunabh.online
keepdoc.atlantico.digital
postofficescoin.eu-west-3.aws.aurosoftware.net
autobidcrypto.com
www.avidonic.com
bede.no
apps.biketerritory.com
biryaani.com
bromleytuition.co.uk
staging.budsense.link
canozenlaboratories.com
ziekenhuizen.cao.app
carcostcompare.com
centrodan.dk
www.policykaro.co.in
d.dayeapp.net
devlorenzo.com
demo.doc.cr
myshipments.dpd.co.uk
platform-staging.engram.io
eurekateachings.nl
www.firebasebuilders.app
fruitlady.farm
fukko-skett.jp
gamify.gg
getyap.app
soup.githelps.com
hemihemi.com
www.honeycomb.chat
app-bridge.hotwax.io
facilities-dev.hotwax.io
www.hseindia.in
www.idoctoraccess.online
dev.indiadailynews.org
janfiedler.ca
prayer-times.jiwar.co
kagalakan.info
kakar.it
karinvrealtor.com
sudoku.marfor.io
opg.medentec.com
www.mednaath.com
meptrend.com
www.meptrend.com
miltiadisntinos.com
mixdata.jp
support.mobile-order.app
experimental.daq.morgansolar.xyz
www.mscconnect.nl
weeart.myonespace.online
paristech.newschool.edu
resource.nicebooks.net
distributedid.nilesfromm.com
nimmerfort.eu
www.optimaldfs.app
community.mlptf.org.my
www.osoari.fr
pinkoi.io
presentpals.app
profitandlossgraph.com
psychologrogowska.pl
psychologrogowskawidacka.pl
renomo.eu
forms.rgasesores.com.mx
link.salamana.fi
saodev.com
sashazimulin.com
www.seohub.hk
shipra.io
feedbus.shoffr.io
studio.elevance-dev-us.cluster.sidekickhealth.com
www.skillupitglobal.com
www.so-vedant.in
app.stanik.in
superawesomelab.com
bookmarks.svedjebratt.se
tandheelkundig-nieuws.nl
teetimealerts.io
tetoviraona.hr
slot.themakersfair.pics
toddmurchison.net
www.traceur-de-lots.eu
app.trendio.live
trifey.com
www.trifey.com
uiwebkit.com
app.vithas.es
voteagostino.ca
www.wellnessovereverything.org
wersociety.me
boat.yakamazu.app
zarduxdigital.com
Other domains in certificate