SSL Certificate Analysis for leija.se - Security Grade & TLS Configuration

Open Cached · just now

77/100 SECURITY SCORE

Certificate Information

Subject

CN=pizzaburguer.corntech.com.mx

Issuer

C=US, O=Google Trust Services, CN=WR3

Valid From

January 04, 2026

Valid Until

April 04, 2026 87 days

Public Key

RSA 2048 bit Adequate

Signature Algorithm

SHA256-RSA

SHA-256 Fingerprint

0F:3E:CC:A0:BB:99:19:27:E8:5A:8D:F1:01:AF:DF:2A:E2:97:FA:5F:82:32:19:8A:BD:67:04:91:E6:74:2F:61

Alternative Names

100 domains

Security Configuration

TLS Protocols

TLS 1.2 TLS 1.3

Forward Secrecy

Supported (Modern clients use PFS)

HTTP Security Headers

Status

Strict-Transport-Security

Present

max-age=31556926

Content-Security-Policy

Missing

Not configured

X-Frame-Options

Missing

Not configured

X-Content-Type-Options

Missing

Not configured

Referrer-Policy

Missing

Not configured

Permissions-Policy

Missing

Not configured

Recommendations

• Increase HSTS max-age to at least 1 year and add includeSubDomains
• Add Content-Security-Policy header to prevent XSS attacks
• Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
• Add X-Content-Type-Options: nosniff
• Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
• Consider adding Permissions-Policy to control browser features

CAA Records (Certificate Authority Authorization)

CAA Records

Not Configured (Any CA can issue certificates)

CAA Issues

• No CAA records configured - any CA can issue certificates

Recommendations

• Implement CAA records to restrict which CAs can issue certificates for your domain
• This adds an extra layer of security against unauthorized certificate issuance
• Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
• Consider adding 'iodef' record to receive security incident reports

Subject Alternative Names

100 domains

leija.se

Other domains in certificate

11zoo.com

www.airabica.co.za

apollo-solutions.com.mx

app.asdcourierja.com

app.asiguraricontactless.ro

www.bazha.ru

blomstermakeri.se

www.breezecolourfulpaintingservice.in

ciascore.site

staged.bizzlab.co.in

coachsemir.com

www.saletaneczne.com.pl

oguzhan17promaxalabildimi.com.tr

controlwebpro.com

pizzaburguer.corntech.com.mx

cowguard.net www.cowguard.net

www.danubiuscorabia.ro

auth.delern.org

designbymaryam.com

www.destinsdefemmes.fr

www.dev6.com.br

movies-spa.dimitargegov.site

echecker.fun www.echecker.fun

www.eleaima.com

app.enwake.com

purp-pretest.ezschool.info

fitb.fun

admin.fototrans.in

covenants.ftrustee.com.br

getafeel.com

giorgioprovenzale.it

www.globridgecapitalifsc.com

x-share.gocad.de

guesthouse.photography

heavenly-library.com

ignitedbrandz.com

docs.inchurch.com.br

indrasnectar.com

www.inhousechef.org

links.inneri.io

merchant.intelibuy.my

shoplite.itsltd.rw

jnjsoft.co.uk

www.just24.in

www.juvenc.com

kieuly.com

www.kit-solutions.de

www.klasseplanen.no

auth.test1.lecre.kuraemon.com

linkswapr.com

remedi.lucaszafret.com.br

www.menunix.com

deliverytracker.michellemade.com

www.newspace.im

nextaibridge.com www.nextaibridge.com

www.niceprototypes.com

manage.nivedhitaschool.in

audits-dev1.nucor.report

www.nybondcalculator.org

placement.oceanacademy.in

panel.ohmobility.com

maintain.omnevu.com retail.omnevu.com

byteforge.paxus.in

aliceandolivia.demo.pbj.live

app.plongee-thionville.fr

hot-seat.polypoint.dev

pupsi.eu

remyos.de

resende.app

reservationtr.net

app.reyoga.com.br

news.rijoan.com

mega.saleshubagency.com

samsungdooras.com

schnellstudio.de

sensationsbymicky.be

www.sitapp.app

www.skepglobal.com

docs-preview.solvapay.com docs.solvapay.com

www.spiritforge.app

surchauffe.com

bodanathalieytristen.swanmoments.lat

constructora.synergit.cl modern.synergit.cl

auth.teamkeepup.com.br

themellowghekko.com

www.thesimpleinformatics.de

truevalleyhomes.com

campettogo.virtusrea.it

www.visitplann.com

vituviagens.com.br

reviews.vivolux.de

www.1622.farm

yqsy.autos