Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=love.stickotext.com
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
October 06, 2025
Valid Until
January 04, 2026
35 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
C8:9B:69:33:4E:18:11:B8:D1:29:8B:65:3D:B0:24:F4:A2:58:AD:01:BA:ED:86:86:3A:45:D3:53:6A:30:4D:70
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
www.unifiedministries.app
profissional.afrosaude.com.br
api.agassist.co.nz
q.ahkam.ae
aplayer.info
arnimaal.org
artco.app
www.assetstratagem.com
dev.cestou.azoup.app
www.blaulichtplaner.de
bolaoleopoldina.com
bookofchanges.info
link.cartmate.com
caservida.com
paltech-elib.co.ke
corthy.com.br
www.darkimmune.com
devputers.com
djiremote.com
admin.doahuddle.com
www.drpranoygadi.com
tools.eclipsisaureum.com
emissaosimples.com.br
ac360-manage-dev.enablus.com
my.epesipay.com
www.extrabandwidth.llc
app.ezpresta.fr
www.factfilter.biz
dev-console.mimi.fd.ai
mapsbooking.flashaim.com
www.forkandeat.com
fortniteapi.dev
www.tutor.getyasa.com
www.gotohayato.com
www.grovemutual.com
qa-app.guustav.com
dl.human-detector.com
hypsteric.com
links.ifdflowersla.com
inspeer.net
super.invupos.com
jadacha.com
jayeshbhadja.me
www.kafeel-ahmad.in
alacrity.kevinbedi.com
verifica.kmiguel.com
www.lerempla.fr
vasep-admin.m1studio.co
www.mentzelo.com
api-cardapio.meuelevestage.com
tienda.milycosmeticos.com
www.mrnames.co.uk
www.nandiraju.com
www.nilabnutrition.com
api.norskhelseportal.no
auth.northstarkpis.com
web-dev.ondagoapp.com
oniontable.com
api.local.onshop.lk
www.p12y.com
paulleonov.com
paybee.club
cms-staging.phq.nz
www.predilectasorocaba.com
app.presscleaners.com
needlepoint.productgenius.io
to-me.purplit.com
qman.io
analytics.raksul.com
www.refallantas.com
reisetipp.app
robertfrigerio.com
rockwelltechnologies.com
rookfinancialwellness.com
www.rootdir.be
customer.seeqnc.io
beta.shackers.xyz
auth.slod.com
smarterhof.com
unikorn-app.speakylink.com
stadiahunters.com
love.stickotext.com
strongpigeon.dev
dev.syzl.io
technomappi.com
time-to-drive.com
www.traderhq.com
app.trustcentral.app
www.tsentineltech.com
turniermanager.app
unifit.turnosweb.app
ukrainify.org
installer.unloc.app
uocmedia.com
privacy.usemason.com
watts-news.com
wetrieve.com
what-cbd.com
wildnorthseafoodco.com
wingcluster.com
Other domains in certificate