Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=aleks.rocks
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
December 26, 2025
Valid Until
March 26, 2026
69 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
4F:4E:5D:60:52:29:03:4D:16:1B:F7:EC:43:5F:08:B3:CA:7A:32:AC:EC:24:F5:5E:D8:0D:12:F7:07:E7:7E:9B
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
codeinloop.com
share.1060app.com
beta.doctor.aarogyaid.com
beta.payer.aarogyaid.com
digitisation.aarogyaid.com
doctor.aarogyaid.com
nhcxbeta.payer.aarogyaid.com
processdata.aarogyaid.com
qa.doctor.aarogyaid.com
dashboard-sicollection.advocatively.com
aleks.rocks
aurax.top
link.avayarsanat.com
ai.blacksandsystems.com
www.cabhoomikadevra.com
showtime.cbcinemas.com
epilog.com.hr
davechong.com.my
fleura.com.tr
www.creatorfinderhub.com
deercrm.in
www.courtage.diamsauto.fr
www.differenttraffic.com
staging.diggri.com
account.digicargo.ai
store.digicollect.app
rider.dropquick.online
store.dropquick.online
efcompliance.com
new.estmodel.app
payparking.finavia.fi
fitnessmatch.com.au
fixed.uy
galaxygame.pro
gem-enterprises.in
www.gem-enterprises.in
www.gesell.no
httpshallelujahinternationalministry-him.org
dqh2712.id.vn
innovartech.net
sokov.jakb.cz
www.janmichek.cz
toolbox.jlab.co
k-haehwadang.com
changelogs.agenticaiflow.kalisi.dev
inschrijven.kvwbeek.nl
lanelogic.net
laptopdonor.hu
lexiehomes.com
triplist.maxbrunner.at
meletiosmusic.com
metrohar.com
www.metrohar.com
www.milact.jp
photos.milhizerfamilyphotos.org
auth.mpawer.dev
lovewings.mystatuses.com
map.n25waterford2glenmore.ie
neco.dev
go.nmarket.pro
www.onoctopus.com
map.ontariogarlicweek.ca
parametricdesign.com.au
www.partners.pupford.com
rackntrack.com.au
lab.randomee.tokyo
www.revizeostravsko.cz
rons-props.com
portal.rzlaw.id
www.saintsclout.co.za
seal-home.com
shrameco.com
skryvo.com
skyboundmi.com
www.skyboundmi.com
stage.spext.co
evento.taniafruchi.com.br
tannder.com
tapaka.app
app.thelocaledit.com
dev.tinyview.com
adbook.tross.se
www.trystboutiquehotel.com
seisankun.tsubakitech.com
dc.tthexpress.com
admin.twpe.co.nz
office2-staging.typex.kr
admin.vahaso.vn
app.vahaso.vn
apps.voltio.com
wakart.app
walabox.shop
bodyfit88.xit.nc
qid.yelloskye.com
youmustbemistaken.com
ywsoo.my
www.zennetaler.be
jobwork.zibma.com
assets.jobwork-stg.zibma.in
jobwork-stg.zibma.in
Other domains in certificate