Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=dedy.no
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
October 19, 2025
Valid Until
January 17, 2026
64 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
3A:EC:1C:87:1F:28:B0:12:8C:2C:8D:A9:2B:50:F8:DF:4C:48:C5:DB:85:8E:1F:EC:ED:12:7C:6C:2D:47:1F:CB
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
calengrid.com
22strategiesllc.us
dev.360text-to-pay.com
3wayballvalves.com
aakaashengineering.com
aesfron.com
alrightnotes.com
oauth.anecdotes.ai
driverparking.appskoko.com
ashbytechrepair.com
app.atria.mobi
bulbsort.com
finn.bussiere.family
www.caryncorey.info
integration.cleverti.me
www.cloudsmarterconsulting.com
www.agrivikas.co.in
www.wisdom360.co.in
account.cogs.show
coher.shop
dedy.no
www.deepskyartist.com
www.desarrollador.info
digimaxad.com
drbarlajourne.fr
www.duan.li
eastlakeview.com
elegantarchitectural.com
www.etdesign.co
www.fistbonksaga.com
password.gnrt.app
gotl.jp
graphline.io
static.h4p.fr
r.ibuprom.pl
evento.indefini.do
cloud.iotize.com
www.jddesignsbelfast.co.uk
jodblog.co.uk
www.jordanstorms.com
josephabingham.com
jpvirtualmall.com
www.knightgames.org
koeru-lab.com
links.konsi.com.br
kurczmark.com
app.languages4business.net
leansoftwaredelivery.co.uk
liftclubapp.co.za
kagoshima.linx.live
livemachine.com
lro.cl
fins.macademy.in
mangooh.com.br
matchhorse.com
www.mickdewaart.nl
www.mineyourtime.com
sundgau.montri.fr
app.murallink.ca
bandungreadymix.mrizk.my.id
links.myjobee.com
analytics.mytechnis.com
help.mytestapp.me
speed.samsam123.name.my
www.necta.nz
www.nilus.org
impostor.niuo.fr
noisy.studio
onapau.cat
auth.ops.internal.ownhome.app
gc.staging.quintoandar.com.br
future.re-ynd.com
www.resume.dog
app.rextrouvtou.fr
www.servicretohn.com
app.setscale.com
www.siebetest.be
password.simonolander.org
staging.soapbox.house
domain2.stepinsight.io
fiveminutes.stunning.studio
supersagaofficial.com
syntoro.app
dev.hub.techreturners.com
thebarberatlionpride.co.za
theearthenpot.com
thendos.online
tlic2025greece.org
preprod.training-diary.app
trancetunes.in
truck4up.com
dashboard.trugpa.com
trustinfra.ae
veeplast.vindhyaindustries.com
wd.votei.app
film.vteam.com
whatwas.app
cid.whocame.in
wifisticker.ru
blogs.williamhuang.org
Other domains in certificate