Open
Cached
·
just now
77/100
SECURITY SCORE
Detected Technologies
Certificate Information
Subject
CN=stefanpennerup.com
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
March 16, 2026
Valid Until
June 14, 2026
53 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
AE:D7:CC:C7:AC:33:42:8B:8F:9F:71:21:ED:5F:56:11:47:54:6D:89:B6:8D:51:B3:A2:8B:B6:D0:15:2C:4E:2D
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
sinhalatutor.lk
docs.api.coverage.28east.co.za
www.a4all.org
www.ai-link.ro
demo5.aiconnectadvisory.com
portal.aplicativopalavradodia.com
download.dexx.appetiserdev.tech
aurame.ca
bittery24.com
brainvault.work
services.chatcaptain.de
chessmerize.com
closedlooptools.com
coffee-refill.cc
www.creatio3d.com
death-peace.com
absen.depok-kulonprogo.my.id
biji.dreamgyf.com
abad.energia.app.br
charla-helm.eximiait.com.ar
factwells.com
www.fallan.se
fightingcorruption.no
flytr.in
www.flytr.in
frabjous.no
www.futureplease.com
vgproduction.geekbird.com
greenagroexim.in
www.greenagroexim.in
dashboard.guardial.in
corporategifts.hiremaze.in
hogsrule.com
www.hoi.services
iancredible.co.za
icnfoundation.org
onpnj.podb.incentable.com
junior-etudes-phelma.fr
kambazaar.in
kamiara.com
kropai.com
www.laleshi.com
lamina-gliwice.pl
auth-dev.lecoinduprof.com
www.mdaptus.com
www.mittauspyykko.fi
data.mixablestudio.com
mohitdeore.me
event.app.moodii.io
munehal.com
www.mysecretsanta.co.za
app.nextguro.com
event.omnevu.com
events.omnevu.com
guru.omnevu.com
intelops.omnevu.com
media.omnevu.com
sureway.omnevu.com
tools.omnevu.com
staging.oplit.fr
pausetime.org
mobile.admin.pdmuliasari.co.id
www.pechinchaai.com
www.penzion-w.cz
pianodoremi.com.br
pixdasorteoficial.online
tri.pixelsaurus.io
pluckshot.com
dev.portlandpatent.com
www.prazdninovy-domek.cz
prospin.ge
ads.proyectosesenciales.com
ps2t.in
racemet.pro
rikkyo-williams.jp
rybydabrowka.pl
devfest.sanddollarapps.com
hokita.semakode.com
www.serviconn.com.ng
www.sis-trocknung.de
juara.bioponto.sistemasnemesis.com.br
sophisticakespa.com
spoonpos.in
stefanpennerup.com
www.surjithpyropark.in
axobar.thediners.in
tirzalabs.com
www.topokart.no
translitrainer.com
vkmtravelstrichy.in
www.vkmtravelstrichy.in
willandtom.com
wintechpolysol.com
wnxh.lol
www.wnxh.lol
wudangtaoist.cn
www.wudangtaoist.cn
redaktion.wuerttfv.de
www.xxcq.surf
zarhrahluxurycollections.com
Other domains in certificate