Open
Cached
·
just now
80/100
SECURITY SCORE
Detected Technologies
Certificate Information
Subject
CN=lahjakortti.veke.fi
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
April 16, 2026
Valid Until
July 15, 2026
74 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
86:CE:B0:7E:F7:3B:7D:9E:33:FE:70:2A:39:3A:BF:40:04:A5:CD:D1:C6:07:6D:1C:DC:95:A6:4F:A7:27:94:06
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Configured
(Restricts certificate issuance)
Current Issuer
Authorized
(Matches CAA policy)
Authorized CAs
comodoca.com
digicert.com
; cansignhttpexchanges=yes
globalsign.com
letsencrypt.org
pki.goog
; cansignhttpexchanges=yes
sectigo.com
ssl.com
Wildcard CAs
sectigo.com
ssl.com
comodoca.com
digicert.com
; cansignhttpexchanges=yes
globalsign.com
letsencrypt.org
pki.goog
; cansignhttpexchanges=yes
Recommendations
- • Consider using critical flag (flags=128) for stricter CAA enforcement
- • You have authorized 7 CAs - consider limiting to only the CAs you actively use
- • Consider adding 'iodef' records to receive notifications about unauthorized certificate issuance attempts
Subject Alternative Names
100 domains
database.dog
789avoider.com
activetech.nl
www.ai4t.co.kr
anstir.com
aqms.gmbh
www.arcusit.com.br
abramge.arvo.com.br
www.atsiusa.com
balivetvisit.com
beside.by
maneki-neko.bijouxday.com
bistrapor.com
blutechnologies.org
www.blutechnologies.org
dashboard-staging.cartaclub.com
casamentovl.site
www.chainword.in
chan.bio
choosechicagolimo.com
get.churni.io
clinica.cl-desarrollosweb.com
classtools.io
partners.cloudgallery2026.live
www.compe.golf
www.conferencecloud.net
app.copagio.de
copyboard.in
www.creative-alchemy.live
www.rac.marn.ct.gt
auth.cursotobias.com.br
not.defter.im
zo.di.ac
www.dijitalpediatri.com
droptaxiz.com
www.droptaxiz.com
drvancechiro.com
drzafersoyuk.com.tr
dma.easy-soft.group
www.elmosbah.com
ezkarapp.com
dev.getbizzie.io
gotakt.de
invxtra.in
ishqoraai.com
volunteer.jbuddies.app
social.kikoba.app
koj.im
ladypass.com.br
members.langarafaculty.ca
www.limocavalier.com
livemeetcall.xyz
homesearch.martyrodriguezteam.com
datasmart.medismart.live
auth.meinzeuch.de
app.mesutaslan.net
ministryorder.com
newnich.monto.work
www.mygifter.com
auth.nalogi.online
webdesign.nanistudio.org
nitheeshmohan.xyz
app-pre-production.nowboard.tv
app-staging.nowboard.tv
app-testing.nowboard.tv
app.nowboard.tv
www.plansal.com
polymetronome.com
www.polymetronome.com
portals55cash.com
www.portaluci.com
profemilenavargas.com
pythadri.com
www.salahlo.in
www.saleswolves.io
bitbound.sandunsiwantha.com
sensoria.cl
www.sensoria.cl
signoffnow.com
skacademy.dev
integrations.speculo.ai
subtropi.ca
weddingtalkshn.swanmoments.lat
www.swarmop.com
tentagraph.com
theaasthaproject.com
tinagusia.com
tizacam.com
admin.twinesbytaani.com
dodgereco.u-mu.net
www.ulissesmoreiraneto.com.br
lahjakortti.veke.fi
velocelabs.studio
ab11402-orders.waiterpro.com
xrajan.com
www.ysr.autos
zadriving.com
ficuspax.zolnoi.app
admin.zovuhq.com
zovuhq.com
Other domains in certificate