Open
Cached
·
3h ago
92/100
SECURITY SCORE
Certificate Information
Subject
CN=nexax.global
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
December 22, 2025
Valid Until
March 22, 2026
79 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
0F:13:97:99:99:45:78:63:28:7F:7E:1A:32:95:73:F4:76:0F:DD:11:A8:45:12:0B:57:61:04:A0:1E:47:51:F0
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Good
max-age=31536000; includeSubDomains
Content-Security-Policy
Basic
default-src; script-src; style-src; +8 more
default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.googletagmanager.com https://www.google-analytics.com https://assets.calendly.com https://js.driftt.com https://snap.licdn.com https://www.clarity.ms https://scripts.clarity.ms https://googleads.g.doubleclick.net; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://assets.calendly.com; font-src 'self' https://fonts.gstatic.com; img-src 'self' data: https: blob:; connect-src 'self' https://www.google-analytics.com https://analytics.google.com https://driftt.com https://customer.drift.com https://www.google.com https://stats.g.doubleclick.net https://www.googleadservices.com https://px.ads.linkedin.com https://www.linkedin.com https://clarity.ms https://z.clarity.ms; media-src 'self' https://js.driftt.com; frame-src https://player.vimeo.com https://calendly.com https://js.driftt.com https://www.googletagmanager.com; frame-ancestors 'none'; base-uri 'self'; form-action 'self'
X-Frame-Options
Excellent
DENY
X-Content-Type-Options
Good
nosniff
Referrer-Policy
Good
strict-origin-when-cross-origin
Permissions-Policy
Present
camera=(), microphone=(), geolocation=()
Recommendations
- • Consider adding 'preload' to HSTS for maximum security
- • Improve CSP by adding more specific directives and removing 'unsafe-inline'
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
cloudcompliance.live
agromaxintl.com
aiwhispera.com
alexthewebguy.info
www.alfaradi.ma
www.alpsadmin.ch
rowing-test.altitudeteams.com
nurse-call-pwa.anbi-reception.jp
arcticairgate.fi
arkleenergy.com
www.asia888app.org
app.autoassistant.it
www.awma.ru
dnc.beyondcentral.com
biblepostbo.xyz
binxcrs.com
app.bizcards360.com
brownbearakademy.com
stage.carteiracliente.com.br
talent.test.castingapp.com
app.casus.ch
www.cheese.hu
chok-ddd365.live
carmo.co.in
www.carmo.co.in
hanbangedu.co.kr
konnexion.co.kr
ship12.codeshockai.com
www.codestarter.me
www.collectivo.online
phangnga.coralcollegethailand.org
share.corner.live
cwu80th-anniversary.com
d-96.com
www.doncalle.com
theprojectone.dost1.ph
dragonmatchgame.com
ebytech.com
dev.etabl.ru
firestartermedia.com
fivestarapparel.shop
a094.foodle.su
genesislifesciences.lk
www.getcoders.africa
greetings.gipreview.nl
www.hangoutu.com
planning.heenenweervervoer.nl
www.hi-armory.tw
hi5sport.app
todo.hypernova-prime.in
hayson.id.vn
merchant.ievsolution.com
yorkndc-fb.imines.co.uk
app.infinipost.co
inappuntamento.innovatutti.com
sca.jessepinho.com
jjagg.dev
team-trade.jrk.solutions
www.keynotecapitals.com
refer.page.kirayepe.in
www.konstantinschubert.com
www.laboratorioleac.com
www.lafemmebodycare.nl
digicard.longlifepartner.id
malibudance.co
moom24.com
www.myats.me
nathanum.me
navoffroad.com
netsolxperts.com
newzenith.ph
nexax.global
oldkidsontheblock.com
onewayoutstation.com
playid.playpark.com
app.poupimais.com.br
dash.quoteninja.co
merge4.dashboard.qvin.com
reverseaudio.fun
roie.is
www.ruddo.in
www.admin.rupeescouts.com
cloud.safera.com
partners.saleplaza.com
shop.saleplaza.com
www.santabot.org
schoudertassen.nl
old.orcas.stg.sennder.com
www.smtinfo.cz
static.triggerappy.info
www.trudoc.com.br
twonotch.capital
ujanitorialservice.com
playground-dev.upflowy.com
www.valley-builder.com
velvarskynapadnik.cz
www.whatsapp-direct.live
debatearena.yhatch.com
www.zizy.io
diet.zwanedev.co.za
Other domains in certificate