Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=testlab.agens.no
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
September 30, 2025
Valid Until
December 29, 2025
37 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
27:F6:5A:E8:B3:91:1E:9B:6F:3E:B9:50:C6:6B:7D:1B:39:3F:0C:16:F8:2B:37:2F:52:B0:02:A4:37:81:59:BA
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
laser3000.be
www.10zebra.app
webappv1.academap.com
retros.aftac.dev
afttanitim.com
testlab.agens.no
converter.apphive.io
api-staging.applier.com
minecraft.astrabun.com
www.atuk.cloud
config.beehivebeach.org
analytics.bolububu.com
bongga.dev
bringbizon.com
comprobantesdepago.cc-irdigital.pe
beta.chargefinder.com
manage.cloud-terminals.com
conexfrete.com.br
cryptodadcollective.xyz
dowinapp.com
blog.drbu.edu
www.dreamoove.com
eboyclique.com
www.echovalleycampout.com
edwardji.dev
enginsengul.xyz
app.eventyrgames.com
fuzion.fndrsng.com
www.forktune.rocks
nrep.beta.fossilfree.com
piano.garrettroell.com
geooh-go.com
dev.globalfleetsolutions.co.za
godycountry.com
homocreans.com
iloasiivoukseen.com
institut-hugo.com
www.integrityautodenver.com
motm.jalowell.com
juliettenguyen.fun
www.kendavidsonlaw.com
www.kerneloffreedom.com
lend.test2.kiki.finance
app.konch.ai
virtual.liceolutherking.com.co
verifywithspark.lifeinfoapp.com
live-quiz-tv-dev.logicwind.co
d.loopm.co
www.luis.zip
acai.lupi.delivery
contracts.m.works
matecode.cl
mayhemstreamsfarm.com
members.metaversity.ac
alpha.minibareshoteles.com
capstone2021.missiontopsyche.org
web.mybestpic.com
link.mypips.app
correnti-cash.napp9.com
nelybehar.com
test.wsd.netbulls.io
www.object-oriented.dev
test.oresundpay.com
api.paerpay.app
play.partecify.com
xpromotion.pizzaentertainment.com
planetdoodell.com
www.plus-class.jp
popdega.com
portal-staging.rain.agency
refractx.com
admin-tools.remotemore.com
www.ressconsultoria.com.br
www.rohelevy.com
cloud.senseplatypus.com
shadowverse.cards
studio-staging.sidekickhealth.com
vtc18.simpliroute.com
digitaltrust.solerabank.com
campicar-app.speakylink.com
beta.spindrops.org
srasmiths.com
www.stardustlabs.co
streamer-bingo.com
suvincos.com
thedot.art
docs.dev.theout.com
www.thesyrianblog.com
app.trygeonie.com
url.tshtri.com
web.tsotsooai.com
ugoku.co.jp
blog.ultrix.digital
virginleaf.com
altasciences-2.virtooally.com
shared.whichone.in
www.wolfandpaper.com
www.wsdlc.com
abusaher.ymapp.co
doctor-dev.zaia.health
Other domains in certificate