DNS Gurus
Open Cached · just now
77/100 SECURITY SCORE

Certificate Information

Subject
CN=www.zhukov.lv
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
October 26, 2025
Valid Until
January 25, 2026 64 days
Public Key
RSA 2048 bit Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
B6:8B:C7:BA:E1:3C:28:94:8E:4B:6D:80:41:9C:11:92:65:14:5A:07:C4:14:65:AB:C3:9E:D9:93:AD:EA:DB:C9
Alternative Names
100 domains

Security Configuration

TLS Protocols
TLS 1.2 TLS 1.3
Forward Secrecy
Supported (Modern clients use PFS)

HTTP Security Headers

Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
  • Increase HSTS max-age to at least 1 year and add includeSubDomains
  • Add Content-Security-Policy header to prevent XSS attacks
  • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
  • Add X-Content-Type-Options: nosniff
  • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
  • Consider adding Permissions-Policy to control browser features

CAA Records (Certificate Authority Authorization)

CAA Records
Not Configured (Any CA can issue certificates)
CAA Issues
  • No CAA records configured - any CA can issue certificates
Recommendations
  • Implement CAA records to restrict which CAs can issue certificates for your domain
  • This adds an extra layer of security against unauthorized certificate issuance
  • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
  • Consider adding 'iodef' record to receive security incident reports

Subject Alternative Names

100 domains
test.caddiecertification.com

Other domains in certificate

join.2stable.com
lowes-kitchen-visualizer-test.3dcloud.io
acharyatraining.com
admin.ag-kiosk.ovh
hbu.agint.no
agroexportadoraperdomo.com
rutas-espana.airhopping.com
www.alejandrogzn.com
alias.cards
www.allergy-pal.com
appmazeme.com
www.arkeis.tv
ateliertantine.com
awardwinning.fi
dev.blocktistics.io
www.cahasmukhgogar.com
ccintl.cc
cgcmmap.com
app.cimma.dev
clcspace.cz
www.de-time.com.tr
www.themagictouch.com.ua
www.compensadosnn.com.br
console.compliancepal.eu
isp.admin.convercus.io
dev.converge.is
dev.1337.com.ua
shelter.dopomagai.org
www.ecomplus.app
launchpad.edux.one
blog.eeffoc.coffee
www.eficientis.app
drive.ejavec.org
ellahoefl.at
privacy.emoticup.in
www.fightstat.com
www.fwatc.org
qa-chatbot.gamewithservice.jp
howto.gigstack.pro
gotrace-dev.gochain.io
godreams.org
expense-tracker.gsconrad.com
guydecoration.fr
hammerzconstruction.com
helpmedoc.kr
www.hero-workout.com
www.idelab.com
www.jbio.co
www.jer.one
business.justpay.io
ezxhaton.kccricket.net
keynotestaffing.com
kone.laput.fi
rhythm-dev.lassio.io
auth.lehrer-bot.de
likelygood.se
health.luca-ai.app
www.luisbajana.com
marechercheimmobiliere.fr
app.mediaoxide.com
page1cookie.mymoons.mx
saudi.nationalday.ai
www.nattamelding.no
ozak.co
order.paleta.com.au
marlink.pensioenbij.nl
www.pensioenbijvlc-partners.nl
m.pge.link
link.picky.recipes
app-pre-prod.pixis.ai
play.pods.one
preronaindia.org
satyalegal.es
cdn01.saudiweather.net
shushuy.com
signpost.dev
www.simple1.dev
simpleclub.nl
partner.smartpayservice.in
www.soundinvestigations.com
ncp.stang.im
app.stockrocket.us
stscie.com
admin.studely.com
www.synth.sk
www.thebattingclub.com
int.alder-hey.thetraumaapp.com
www.tophatvideo.com
dashboard-preview-channel.trybe.fit
www.uneleap.com
www.useasycar.com
www.v-techno.net
dealer.vinsyt.com
www.werkstatterinnerung.de
wixadmin.wonkytech.net
my-test.yoshimoto.co.jp
www.youkno.ai
www.zhukov.lv
app.zibrowa.com