Open
Cached
·
just now
80/100
SECURITY SCORE
Certificate Information
Subject
CN=elia.devay-foris.no
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
October 20, 2025
Valid Until
January 18, 2026
46 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
99:EF:3B:D5:11:D4:76:62:18:B7:BD:25:F9:C7:A0:A7:0C:3E:7B:44:D3:B7:10:F2:21:F1:62:88:84:DC:D0:32
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Configured
(Restricts certificate issuance)
Current Issuer
Authorized
(Matches CAA policy)
Authorized CAs
letsencrypt.org
digicert.com
; account=d55e1707fe59cbbcecc371e9b7ddadbdaf2e3ccbb4bac1f5ae6a686a8e26f25f
pki.goog
Incident Reporting
mailto:[email protected]
Recommendations
- • Consider using critical flag (flags=128) for stricter CAA enforcement
- • Consider adding 'issuewild' records to control wildcard certificate issuance
Subject Alternative Names
100 domains
prc-5.dev-ltl-xpo.com
console.addrobots.com
advicelink.org
aeirt.org
airbornelogic.au
anchoriumlink.com
appeltuin.com
cl.badarteknog.com
app.benjiinvestments.com
birthtwins.com
www.blackcoat.ai
www.bluepeyi.com
breddihomes.com
www.centrovirtualfamiliar.com
chichaenaji.cl
chinatown.rest
ar.yogeshjadhav.co.in
smartsourcing.co.in
gsewa.com.np
danifullerton.co.uk
push.dcms.info
www.designofbrothers.com
elia.devay-foris.no
s.dnsoa.me
dominicfichera.com.au
auth.dragomanager.com
www.eliteprgroup.com
ewgasset.com
fitfathom.com
www.fiyat-al.com
egencia-qa-ideacloud.forgedx.com
fr0stpunk.com
www.frenfinance.xyz
www.freshnailsspalasvegas.com
fruitdraft.com
giacamtech.com
www.glrealitylabs.com
shift.goflytta.com
www.gvkrealtors.com
www.hamsatoken.io
hepsenfurniture.com
usermanagement.hod.cloud
activation.homehub.site
hs4solutions.co.uk
test.hububz.com
hoangdung215540.id.vn
spotlightpickleball.id.vn
commercial.indefini.do
www.influx.pt
insta-reels-downloader.com
jellingstone.com
calendar.jjportal.xyz
www.kdentalarts.com
seller.kerthos.io
kidobotics.com
w2015.kontra-k.de
www.kuehn.email
lbfx.xyz
learningstudioai.com
www.lepresidenthotel.com
www.luechaithaimassage.nl
madbatterstl.com
ai.managed-language.com
dlmi.marssolution.io
mazouz.com
donkey.metaparallel.net
nabnet.net
www.newthetaxihouse.com
www.nomeacuerdo.co
nounsville.com
www.flick.nunkware.digital
www.ochisamu.info
portfolio-panel.octalogic.in
web.operatio.cl
parrotworkouttracker.com
www.paysell.io
pedro-varela.com
driver.pickwings.ch
pip-boy.com
priamossystems.es
www.priamossystems.es
priamossystems.net
www.proautomation.co.za
pubman.ch
purevirallinen.fi
www.sas.travel
sayyedassociates.in
sectrkuttikad.com
serviwindow.com
brinant.smartseal.co.za
sunflowerpoems.xyz
www.synnetra.eu
www.tekr.io
web-beta.timp.pro
dev.www.trayn.com
tudoetech.com.br
s.ueue.com.au
www.uutech.jp
www.v7v.com.br
app.won.cafe
Other domains in certificate