Open
Cached
·
just now
89/100
SECURITY SCORE
Certificate Information
Subject
CN=oxilionng.com
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
October 13, 2025
Valid Until
January 11, 2026
51 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
02:F9:E7:41:DE:9E:68:25:16:40:F1:47:A4:45:90:7F:F0:1F:E2:59:3D:2F:D6:AB:03:A7:C5:CE:8E:C3:D9:11
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Excellent
max-age=63072000; includeSubDomains; preload
Content-Security-Policy
Basic
default-src; script-src; style-src; +8 more
default-src 'self';script-src 'self' 'unsafe-eval' 'unsafe-inline' sgtm.new-energie.de www.googletagmanager.com *.usercentrics.eu *.facebook.net *.facebook.com facebook.com *.linkedin.com *.licdn.com *.analytics.tiktok.com analytics.tiktok.com *.mouseflow.com login.new.de login-test.new.de *.new.de *.new-energie.de new-energie.de sst.klickenergie.de *.klickenergie.de images.ctfassets.net graphql.contentful.com https://app.contentful.com *.friendlycaptcha.com *.trustedshops.com *.trustbadge.com *.api.etrusted.com *.etrusted.com *.moin.ai *.staging.realperson.cloud *.realperson.cloud wss://*.realperson.cloud *.chime.aws wss://*.chime.aws *.cituro.com *.app.cituro.com *.talk-n-job.de talk-n-job.de *.pixel.spotify.com https://pixel.byspotify.com https://pixels.spotify.com *.vlink.com *.eaglepixelstreaming.com wss://*.eaglepixelstreaming.com *.eagle3dstreaming.com;style-src 'self' 'unsafe-inline' login.new.de login-test.new.de *.new.de *.new-energie.de new-energie.de sst.klickenergie.de *.klickenergie.de images.ctfassets.net graphql.contentful.com *.trustedshops.com *.trustbadge.com *.api.etrusted.com *.etrusted.com *.eaglepixelstreaming.com wss://*.eaglepixelstreaming.com *.eagle3dstreaming.com;worker-src 'self' blob:;font-src 'self' 'unsafe-inline' data: *.staging.realperson.cloud *.realperson.cloud wss://*.realperson.cloud *.chime.aws wss://*.chime.aws *.cituro.com *.app.cituro.com *.eaglepixelstreaming.com wss://*.eaglepixelstreaming.com *.eagle3dstreaming.com;frame-ancestors 'self' https://app.contentful.com *.eaglepixelstreaming.com wss://*.eaglepixelstreaming.com *.eagle3dstreaming.com;frame-src 'self' *.facebook.net *.facebook.com facebook.com sgtm.new-energie.de www.googletagmanager.com *.usercentrics.eu analytics.google.com *.analytics.google.com google.com *.google.com *.googleadservices.com googleadservices.com *.doubleclick.net *.google.de google.de *.google-analytics.com login.new.de login-test.new.de *.new.de *.new-energie.de new-energie.de sst.klickenergie.de *.klickenergie.de images.ctfassets.net graphql.contentful.com *.talk-n-job.de talk-n-job.de *.jetzt-mitmachen.de *.youtube.nocookie.com *.youtube-nocookie.com *.eaglepixelstreaming.com wss://*.eaglepixelstreaming.com *.eagle3dstreaming.com;child-src 'self' login.new.de login-test.new.de *.new.de *.new-energie.de new-energie.de sst.klickenergie.de *.klickenergie.de images.ctfassets.net graphql.contentful.com *.eaglepixelstreaming.com wss://*.eaglepixelstreaming.com *.eagle3dstreaming.com;connect-src 'self' sgtm.new-energie.de www.googletagmanager.com *.usercentrics.eu *.facebook.net *.facebook.com facebook.com *.linkedin.com *.licdn.com *.analytics.tiktok.com analytics.tiktok.com analytics.google.com *.analytics.google.com google.com *.google.com *.googleadservices.com googleadservices.com *.doubleclick.net *.google.de google.de *.google-analytics.com *.mouseflow.com login.new.de login-test.new.de *.new.de *.new-energie.de new-energie.de sst.klickenergie.de *.klickenergie.de images.ctfassets.net graphql.contentful.com *.friendlycaptcha.com *.algolia.net *.moin.ai *.dienetzwerkpartner.com *.staging.realperson.cloud *.realperson.cloud wss://*.realperson.cloud *.chime.aws wss://*.chime.aws *.cituro.com *.app.cituro.com *.pixel.spotify.com https://pixel.byspotify.com https://pixels.spotify.com *.eaglepixelstreaming.com wss://*.eaglepixelstreaming.com *.eagle3dstreaming.com;media-src 'self' *.eaglepixelstreaming.com wss://*.eaglepixelstreaming.com *.eagle3dstreaming.com;img-src 'self' data: 'unsafe-inline' sgtm.new-energie.de www.googletagmanager.com *.usercentrics.eu *.facebook.net *.facebook.com facebook.com *.bing.com bat.bing-int.com *.jquery.com *.cookiebox.pro *.dwin1.com *.obs.eu-de.otc.t-systems.com www.redditstatic.com *.ad-srv.net *.adscale.de *.linkedin.com *.licdn.com *.analytics.tiktok.com analytics.tiktok.com analytics.google.com *.analytics.google.com google.com *.google.com *.googleadservices.com googleadservices.com *.doubleclick.net *.google.de google.de *.google-analytics.com *.mouseflow.com blob: login.new.de login-test.new.de *.new.de *.new-energie.de new-energie.de sst.klickenergie.de *.klickenergie.de images.ctfassets.net graphql.contentful.com *.moin.ai *.staging.realperson.cloud *.realperson.cloud wss://*.realperson.cloud *.chime.aws wss://*.chime.aws *.cituro.com *.app.cituro.com *.talk-n-job.de talk-n-job.de *.vlink.com *.eaglepixelstreaming.com wss://*.eaglepixelstreaming.com *.eagle3dstreaming.com
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Good
nosniff
Referrer-Policy
Good
no-referrer
Permissions-Policy
Missing
Not configured
Recommendations
- • Improve CSP by adding more specific directives and removing 'unsafe-inline'
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
new-adventskalender.de
absolute.dev
aisleofelegance.events
www.alassv.org
pms.alias-solutions.net
alkagupta.in
antandtracy.com
www.apap.pl
aqqarek.com
www.babyshowerguzmanmiranda.com
io.baytaindustries.com
bcbalitour.com
bramaduka.com
casaydepas.com
www.codethunder.co.in
cobanlitekstil.com
www.coinfrs.com
demo.commulino.de
butler.creaivelab.com
danpride.com
deltadivinextrusions.in
www.dmc-bygg.se
www.dsouza.fi
eatch.me
admin.ecoemedicina.es
secretario.edubc.net
emilielyngsoe.dk
www.empoweredpatriots.com
enerhouse.com.br
punk-fe.erasmuswill.dev
etawahhelpdesk.com
www.everbrosgames.com
landing.facet-accountants.nl
factorio-francophone.ovh
fonoclaudineia.com.br
auth.foundersbrain.app
fulldisclosure.legal
dev.ggl.cx
staging.ggl.cx
app.gifty.ro
adhyay.halony.tech
www.hariharancalltaxiservice.com
chat.hinzwifi.xyz
app.staging.hyped.com
ilovesambhal.com
infinitysheet.app
referral.infuze.consulting
www.instanteats.co.za
invoice.sh
my-salary.keerati.xyz
hl2.test.kengin.app
www.kennedystudios.info
www.meddelivery.in
dev--console.meiliiapp.com
www.misraulgerpsikoloji.com
data.monarisotto.com
mvivo.pl
monggo-pinarak.dwiky.my.id
oficina.mya-tech.tech
nazmiye-yabaci.com
normalize.fm
www.nourishvibes.com
www.omaka.app
oxilionng.com
futurity.partnerhub.co.za
www.petanque-app.com
www.ponteplus.com
precisionbiodynamics.com
primestaffing.ca
training.engineering.publicissapient.fr
app.rahsathi.com
nova.rcaic.com
resell.ovh
retaingrowtech.com
roystoneng.com
afa.rxcx.au
xeon2.savetrackback.net
www.scanforride.com
www.shekharchavan.com
www.shogostudios.com
shroomfolk.io
www.silent--void.com
split-wit.com
sh.stratfor.com
login.teselagen.com
theuniversaltailor.com
tmlpinturas.es
app.todesktop.com
app.trackdmusic.com
big-bear-pwa.trueomni.com
tuitionmadeeasy.co.uk
cyberchamis.tuturu.fr
sb.ukaseai.com
xunhaikj.ultrafluid.in
umbleltd.com
terms.vcmehub.com
vectr48.com
www.welnes.app
invoicing.wexsel.com
www.sadhana-kitchen.work.gd
Other domains in certificate