Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=yayofono.com
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
October 04, 2025
Valid Until
January 02, 2026
34 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
04:90:20:81:1C:3D:1A:69:A9:0B:FA:38:D0:15:A8:47:15:BA:8A:73:9A:E5:BF:75:10:EB:F4:2B:92:26:5C:1E
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
tribioli.it
aisearchmonitor.com
amaan.ae
dev-links.andrew.golf
antoinespiteri.com
komkar.apricodex.com
media.arakene.com.br
avgpace.com
partner-preprod.axiocap.com
ayachiacademy.com
batifout.com
www.bearnakedshop.com
app.blueai.cz
lacristalera.bracelit.es
uat.bullmoonjunior.com
www.caballerosflyingclub.org
casualrankings.com
catalog-dev.central-robinson-line.com
www.clearplan.io
taskly.codesense360.com
www.cofdeal.com
cointaki.com
collaboratio.cl
admin.mna-vp.com.my
event.pixel-ai-2024.com.tw
condoally.com
www.contentidea.ai
coorat.app
cutbytonny.com
daleonardoindl.com
destaqueosalinstante.com
dmobile.app
www.farni-sbirka.cz
orexin.fsik.dev
fukustar.com
generalsbeach.com
globalmiuc.com
hirushafernando.com
www.hplogistik.cz
www.kaisermartin.de
catpos.kaleplus.com
www.leshchenko.biz
www.lexdua.com
lifecounter.app
task-creator.locus.sh
locationestimatr.marcrufeis.de
jsonlint.masonlab.cc
www.md5-generator.de
meadowlark-birding.com
melnikwineroutes.com
micor.cl
www.momar.dev
app.morpheusone.dev
mrhoney.dev
www.mrhoney.dev
link.mudcar.dev
npmify.nicola.dev
ninaterhaar.dev
about.nutchy.dev
dj.nutchy.dev
portfolio.nutchy.dev
ses-checkin.oktoba.dev
app-beta.ooca.dev
pacheco.dev
www.pastel.dev
maestromotion.paxlab.dev
portfolio.paxlab.dev
portify.dev
qwstspeakertraining.ca
www.restrantapp.in
broken.rousseau.dev
rousseau.dev
slides.rousseau.dev
rumakids.com.ar
try.ryota.dev
cylint.ryuse.dev
phiz.ryuse.dev
samconsulting.dev
pics.samuelcunha.dev
www.samuelcunha.dev
samwilkinson.dev
mortgagesim.sangregorio.dev
wirbewegen.scholze.dev
www.sebastianbenz.de
bingo.sekiya9311.dev
simondufour.dev
o.sozai.dev
steventhomson.co.uk
tarragon.dev
the-alchemist.com.au
watch.the-challenge.app
www.app.themetagate.it
ryd-developer5.thinxcloud-staging.de
tinydungeon.app
www.txtgold.de
www.uschtrin.de
verjaardagsactie.verschueren.dev
admin.vidoctor.dev
yayofono.com
paidapps.zwander.dev
Other domains in certificate