Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=rootsyoga.sk
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
December 20, 2025
Valid Until
March 20, 2026
51 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
89:68:B2:01:82:58:A6:1B:1C:0E:C1:C6:D4:B1:E4:A6:96:73:33:DD:99:B0:29:DE:A3:C9:53:92:E7:25:D6:EE
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
spltr.theeste.com
lab.123abc.com
tubepipe.africasunrise.com
arquivos.altforce.com.br
www.anagogie.ca
annelids.io
apilab.one
live.argos-solutions.io
pro.auxilia.cloud
ukmotorcyclesparts.banjobolt.co.uk
www.bemeeple.com
bgconnect.app
apps.booklazy.org
www.bridge-it.ch
www.causewaycoaststays.co.uk
uat.astra.choozle.com
www.collingwoodcarl.ca
www.happyzavr.com.ua
communityconnect.scot
staging.applink.communoplus.com
app.courierexpressja.com
www.cynthia-song.com
www.dearsinatra.com
detem21.cz
donnijssen.nl
driver.movie
app.dev.dronelink.com
pandrenthan.dv.in
www.evalli.fr
firebaseapp.exhands.org
www.findsomethingthatendures.com
joanne.frankmonaghan.co.uk
app.loanchien.funzy.vn
aialabtext.genielab.co
www.gis4schools.eu
pointz-test-front.glukynet.com
gokhana.dev
www.gptonvoice.com
app.hoteldieng.com
bike.hydroindustries.dev
it2000dqk.id.vn
www.interviewquestionsgpt.com
jennmarclassaction.com
jugbusters.com
keystoneceramics.co.uk
manage.knewsales.com
krtechs.dev
kwa.dev
resultados.labysalud.cl
leejayschmidt.com
www.letsdindin.com
stagingauth.letsgetoffline.com
lokali.vn
passportly.lordos.tech
loverock.com.br
mailmergedocs.com
cms.mammacheapp.it
sgic.marcafranca.com
auth.mealfit.id
mikeparsonsink.com
muhammedjobe.com
www.murosta.com
apps-link.nexquare.io
staging.ai-agent.nival.me
oonelab.com
oryza.me
easyastrology.pawprintf.com
wakacje.piotrpardel.pl
quiim.com.br
dev.rara.co
ricardogarcia.dev
ringkes.com
ripixel.co.uk
roas.cz
rootsyoga.sk
www.sabion.com.br
sambarbershop.it
saparodia.store
www.seijishukyoproyakyu.tokyo
sempreverde-lb.com
beta.sharedtexting.com
venuspublicity.showitbig.com
dactymo.signerz.com
www.snaplose.com
komeo.speakylink.com
sportscontroljrz.com
ndscratchadmin.sqwadhq.com
stalaverse.cn
stockforecast.de
stsquote.com
tog.systemdesign.no
tangabergstk.se
theotcmarkets.xyz
www.think007.com
allocation.transformairports.com
www.transport-bidegain.com
app.twilik.com
editor.wisibel.com
zachariacurtis.uk
app-qa.zaigetech.com
Other domains in certificate