Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=books.lycka.cz
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
October 14, 2025
Valid Until
January 12, 2026
51 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
71:4A:AE:27:81:4C:D5:39:52:7A:84:C7:B1:74:EB:66:16:B8:DA:D2:56:B5:6D:99:44:89:39:BE:D4:79:BF:D1
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
www.damienoliver.com
100marathonclub.id
2023.inventorsday.pl
3syp.org
b.aahub.org
abue.org
adildursunokullari.com
advenchore.app
allergin.online
hosting.altairstudios.es
ambrandom.com
animeflvs.net
apps.aprifield.com
matrix.atgrapevine.com
axis-studio.com
ballotbloc.com
www.bestspotss.com
bizsaya.com
bodajcrebe.com
www.bongkert.com
annex.borneoapp.com
www-dev.burningsea.com
cadlox.org
campus-ally.com
www.chriskript.io
devops.citadel.tools
admin.claimback.org
demo-admin.cnected.com
infinity-developers.co.in
teachers.studypal.co.in
www.qwikbuy.com.ng
stuladhar.com.np
video.binijshrestha.com.np
cypherex.ch
d4dsplanner.com
datasciencegt.org
www.diyet.online
dokidokiundercurrents.com
pocket-recipe.dvasquez.net
fun.eezytutorials.com
admin.efex.finance
www.eq8.app
www.fixcare.kr
david.fornever.de
forms.global-center.co.jp
gokonstantin.com
haleygoldin.com
app.happysaver.tech
honistadownload.store
dashboard.intellidentpdr.com
intellidentpdr.com
irace.club
kiagranby.com
books.lycka.cz
mapgallery.online
inscription.medibox.fr
oikos.meizon.it
www.mimicando.com
quize.mindpuzzlers.com
www.minecraft4nerds.co.uk
sbi-haitou.misosi.ru
www.mithilapacktech.com
www.monkview.com
mr-bobo.com
cms.mywero.com
www.n-sync.com
admin.nextorder.nz
nisti.app
nuancier-relationnel.fr
staging.openomic.dk
aashirwad.iotbit.otobit.com
pledge.painttopledge.com
peer-squared.info
photochromic.io
www.app.pinkmapp.com.br
www.pinturascristi.cl
entrant.privatehealthcareawards.ie
hub.ruggeddata.co.uk
static-firebase.seattlesymphonychorale.org
sexydixyads.com
www.shtum.com
sipofcode.com
www.sudroptaxi.in
p2gc02.syahrulnines.cloud
www.thetrehan.com
thetutorology.com
b.unch.es
unfasten.app
www.verbs.me
vertigocreativo.com
streamingsforum.violenciadegenere.org
crypto.viral.net
weiner.fish
wimaxs.com
realty.wittlab.kr
patients-demo.wmatelesalud.com
maps.xcode.no
www.yello.one
demo.zist.be
cml.zp-ls.com
Other domains in certificate