Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=trefoten.no
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
September 15, 2025
Valid Until
December 14, 2025
30 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
21:61:B2:C7:3B:2E:75:69:DB:93:39:6D:3C:3B:35:A0:E8:92:A1:AE:70:BF:69:7B:5E:BB:69:4F:02:0C:A8:36
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
flyorka.com
4d3.space
aadven.com
www.addictnet.online
console.afrienmastermind.org
admin.ageekguide.com
assure.travel
www.awomansmitzvah.com
callblocker.badiale.dev
images.bethengine.com
www.calyst.one
curso2025.casaduana.com
chithtoo.com
abdhullah-travels.code-intel.com
www.codecrown.in
www.coloryourvoice.com
summit.coopsafrica.com
creativesage.co
www.drhuan.de
www.drjenafernandez.com
escolaraphaelrabello.com.br
www.etruscan.com.au
supersolidaria.ferial-e.com
pragma-kintai.fit-link.jp
frontierflux.com
app.getchecka.com
dev.getchecka.com
staging.getchecka.com
notifications-page.fm.grzeg.pl
developers.guivus.com
app.happiehorse.com
factura.hazconta.com
facturas.hazconta.com
admin.hazview.com
staging.hazview.com
hiprogress.com
www.hive-world.com
www.hostalroma.com
hotelchoudharypalace.com
www.huntcrow.com
www.iaconopellicceria.it
inevitableriseofthemachines.com
dms.infotisak-koscica.hr
injazco.sa
mloz-id-dev.input4you.be
tienhoihanoi2.io.vn
psnstore.jeuxvideo.com
pwa.odoo-demo.kanoonth.com
lcns.co.za
www.levelup.se
snake.lskel.com
www.lyon-tex.com
www.marcipetfood.hu
www.markerpad.app
www.mccartysautosalesllc.com
www.meghaos.in
www.mettaeduca.com
www.convergence-garonne.montri.fr
www.muruvvet.de
naveenalavilli.dev
neolexical.com
staging.nexusroboticsfoundation.org
www.nikhilgajghate.com
fit-n-flex-arena.nurweb.dev
okanerdincarslan.me
openworks.it
www.padmap.org
www.palletssrl.it
pavilaw.co.za
zgrada.pfs.rs
pianobuyback.com
www.pianobuyback.com
www.pitman.be
www.pldelnord.cat
quizandbrainteaser.com
africa4x4rental.ratality.com
rather.vote
repdominicaine-eticket.com
ricoenergiasolar.com.br
ronlinexperfumeria.com
runstrong.life
www.santaroza.hu
internal.seriringgitmotors.com
app.sewaora.com
admin.smsenterprises.store
data4city.links.spectos.com
tamagotcha.world
link.beta.demo.teamraise.app
cms.texasenvironment.org
app.transporteszacarias.com
trefoten.no
v-architects.jp
www.wayfinding.co.nz
portal.windoware.com.au
form.wl.team
xuefeifigolin.com
portal-staging.yourgutmap.co.uk
www.zakwill.com
test.zeffi.dev
www.zhenghaoya.fit
Other domains in certificate