Open
Cached
·
just now
76/100
SECURITY SCORE
Detected Technologies
Certificate Information
Subject
CN=norwegiangiftshop.com
Issuer
C=US, O=Let's Encrypt, CN=R12
Valid From
April 11, 2026
Valid Until
July 10, 2026
60 days
Public Key
RSA
4096 bit
Strong
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
91:86:D7:1C:EA:7E:23:55:5F:97:B6:FD:FB:BA:2E:D6:E1:DC:22:23:4D:29:50:E7:77:65:EF:3A:0A:6C:E3:DC
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Add Strict-Transport-Security header with max-age of at least 1 year
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
89 domains
urrosite.com
*.urrosite.com
floghtaware.com
*.floghtaware.com
*.shop.floghtaware.com
*.ww1.floghtaware.com
*.ww25.floghtaware.com
*.dev.norwegiangiftshop.com
norwegiangiftshop.com
*.norwegiangiftshop.com
*.ww25.norwegiangiftshop.com
pickmarlinmarketing.com
*.pickmarlinmarketing.com
piedmont-ortho.com
*.piedmont-ortho.com
pingfyxerspirit.info
*.pingfyxerspirit.info
pleaseyourself.org
*.pleaseyourself.org
poland-washingmachine-1104.sbs
*.poland-washingmachine-1104.sbs
potjects.com
*.potjects.com
printsadda.in
*.printsadda.in
purrfectchoice.com
*.purrfectchoice.com
qdnks.ws
*.qdnks.ws
r-a-j-a-123.vip
*.r-a-j-a-123.vip
rankpursuit.com
*.rankpursuit.com
restaurant-beaurepaire.com
*.restaurant-beaurepaire.com
roaminglegend.com
*.roaminglegend.com
roborol.info
*.roborol.info
rs-motors-7b4bb9e6.sbs
*.rs-motors-7b4bb9e6.sbs
sake-sake-sakai.com
*.sake-sake-sakai.com
sendnativelabs.com
*.sendnativelabs.com
serialet.info
*.serialet.info
shadowfun759.info
*.shadowfun759.info
ssscuba.net
*.ssscuba.net
stoneridgecondos.com
*.stoneridgecondos.com
superacademy.io
*.superacademy.io
sweethomeinterior.com
*.sweethomeinterior.com
theorgstationconnection.com
*.theorgstationconnection.com
toatrrpnnso.onl
*.toatrrpnnso.onl
traveltrustzone.live
*.traveltrustzone.live
treeremovalflorida.com
*.treeremovalflorida.com
twoagentic.com
*.twoagentic.com
txtamlosnbe.vip
*.txtamlosnbe.vip
unaccustomedearth.com
*.unaccustomedearth.com
vavadasp60.com
*.vavadasp60.com
voiceaicrew.com
*.voiceaicrew.com
weddingtrustsource.beauty
*.weddingtrustsource.beauty
wildsolitudeguiding.com
*.wildsolitudeguiding.com
wimsg.xyz
*.wimsg.xyz
wvlah.exchange
*.wvlah.exchange
wyomingranchhomes.com
*.wyomingranchhomes.com
xn--casbom858-74a.com
*.xn--casbom858-74a.com
xn--fiq033axndvoj.com
*.xn--fiq033axndvoj.com
Other domains in certificate