Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=theo.nejokey.se
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
October 23, 2025
Valid Until
January 21, 2026
67 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
7E:96:4D:5D:73:B4:49:38:C3:BC:A6:F0:99:29:2B:E4:FC:19:7E:25:DE:BE:D4:20:94:6D:C5:C2:E9:17:E7:5F
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
swerv.app
achintyo.acuizen.com
aitiate.com
dashboard.akharva.co
alejandrofernandesantunes.me
baronacentrs.lv
bashasnaturals.com
benstrobel.de
m.bnscan.com
brellahomes.com
www.calendar2022.com
gcp-us-east1-08.dev.app.carto.com
cleancrazeni.co.uk
bhagyesh.co.in
iactusmedia.co.in
embassy.cognilements.com
dev-policy.colavo.kr
app.teleworker.com.tw
consently.me
creatoors.com
cricanalyst.ae
rrhh.distrisuper.com
djtran.dev
www.drsamuellenald.com
link.enjoy.ly
espacoceramicaimoveis.com.br
manager.extrai.app
app.fichaje.cloud
link.nami.frontrow.systems
frostehr.app
guyenergy.co.uk
healthmatters.insure
creator.heny.app
hirist.us
hotelbluelagoondaman.com
www.icomuae.com
blanchospital.hml.portalcliente.izii.io
jobsintech.live
null418.justinbaldeo.com
kapadiaco.com
karate-do-prien.de
kieronsmith.co.uk
www.llm-ventures.com
lukasgasp.de
matthatters.com
spanish.mayamd.ai
www.mikezamayias.com
millylee.info
mintycabin.io
go.dev.mo-t.com
esign.nablasol.net
pic-sgdefraud.mentor.neccton.com
theo.nejokey.se
nivish.in
novigado.org
www.patfordlaw.com
pezziimoveis.com.br
link.pollsforimessage.com
auth.pond.ltd
praguerocks.cz
www.predictions-podcast.com
proactivist.in
gestione.profitness.app
dh-cleaning-crew.preview.prosmeethomes.com
www.prrtransglobal.com
www.blendcharonne.order.pulp.eu
radioh.app
redlinerentals.ca
www.reply.ninja
www.robert-roehlinger.eu
tools.samolink.com
users.santrpt.app
agenda.scalifra.net
saas.sconlinesolution.com
contact.smartcart-tech.com
sparx.fun
speakermedic.com
stackoverfood.com
www.stalwart.app
statsy.app
edu.steamplug.com
www.strategicfilmdistribution.com.au
www.suomenpeltitekniikka.fi
supergenetika.sk
www.tactibots.com
portal.tdsfidu.ch
test.techcareer.io
map.thinkair.co.uk
www.timerange.app
tmdemolition.com
ukdrivingtest.trutest.in
unluckyvalidators.com
peter.ursem.ca
vastavya.in
app.visionnanny.com
status.voto.vote
stag1.app2.wakuas.com
app.staging.xapobank.com
yourdesignjuice.com
www.zibezi.com
Other domains in certificate