Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=nexus.partnerhub.co.za
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
December 18, 2025
Valid Until
March 18, 2026
88 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
7F:8F:8F:A9:81:3E:E0:5A:43:53:EC:9D:A5:C7:F8:1A:48:43:76:1F:6E:8E:CB:20:1E:E6:09:4A:BF:30:07:B3
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
hearttheprocess.com
app.adalong.dev
namakkal.akdroptaxi.com
dreams.alexsquibbs.com
allpwd.com
apkappsales.com
lens.augle.io
axebear.dev
cleanup.bachmantoolkit.com
www.backseatdungeonmasters.com
cooking.beeveloper.de
app.staging.bestteam.io
bighouseatx.com
www.broccoapp.com
where-working.bytecodev.com
byteflipper.com
c19model.com
celestodon.com
celicacochin.com
circgovt.com
climbersagainstaid.com
convertiply.com
cossotconnect.com
www.custoking.com
api.d-solcatalog.com
dakshcarbons.com
daocreates.com
blog.dbilgin.com
www.dishlicious.de
admin-staging.dosehelper.com
match.riobrancofac.edu.br
efergon.com
www.elegantarchitectural.com
eletricsom.com
emergency-hamburg.com
everycourtcounts.com
edocert.exagonplus.com
app.farmbov.com
flightyfelongames.com
music.fofo.dev
www.forter.dev
garretjames.com
gdgoman.com
app.goodpayers.com
gorievent.com
svm-dev.gospurr.com
camkule19asm.gov.tr
guitarlessonsswansea.com
projectzoperationvi.id.vn
infinititechsolution.in
kpl-release.ischoolconnect.com
jamesvmusic.com
www.jamiessoftware.com
service-thinking.jason-e.dev
www.jobeagle.app
jonpahl.com
kerkesix.fi
krrajnish.com
chanel.lefty.io
gc.makushev.com
maxwahlgren.com
app.nafakt.hr
procure.nanosoft.co.za
oshukai-karate-68.fr
padelpulse.app
nexus.partnerhub.co.za
paulportal.com
prudentcpa.com
www.quietalk.com
ralf-mack.de
www.redmilelimousine.com
portal.ssipmt.researcherconnect.com
rtsfares.com
www.saaasllp.com
www.scottkip.com
servicretohn.com
eir.softwerk.se
shareprd.sparrowconnected.com
spruitview.co.za
schoolgrants.stmath.com
tanomudo.com.br
rexel.tempotech.com
www.theorygenerator.com
thetagcreatives.com
myaccount.thewaybackvr.com
thiagopuche.com.br
www.tipsytourney.com
www.tonymolumby.com
topapps.dev
www.topsun-fpc.com
twinc3.com
office-staging.typex.kr
www.ukuntu.com
vardaanshukla.in
veyselace.com
www.visual-raffle.com
www.vw-rak.fi
waillan.digital
yei-solutions.com
www.zilliox.ch
Other domains in certificate