Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=api.rumx.app
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
October 09, 2025
Valid Until
January 07, 2026
52 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
A7:06:72:7D:D6:B8:60:6D:75:2C:65:B6:06:A1:D1:66:77:3A:D8:6A:BB:13:16:B0:D0:48:22:C4:DD:41:86:88
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
admin.woki.ar
2018.dddeurope.com
2xx.app
agendamento.de
www.aikidowatanabedojo.it
link.ampr.network
animemake.app
arzamas-16.ru
sharing.asiadigitalhub.net
barroisantiques.com
www.bjerk.io
www.bkitsolution.com
brumainnovations.com
firebase-staging.brut.live
cargoplanner.se
cepyme.com.co
certisep.com
reservas.imob.cim.br
signin.citikey.uk
canavaggio.clau.io
link.zalora.co.id
www.cubinamics.com
www.dabbr.app
invitations.dashpay.io
www.calendrier.decouvertesnumeriques.com
dominicanuniversitycamps.com
selfservice.dynamicmarkets.com
waitrosedev.enezatelecom.com
avisolegal.everest-smart-routes.com
dev.ayaan.faizal.pt
ffsb.co.uk
organisation.api-dev.fielder.one
www.fnbg.co.uk
www.frau-chaertli.ch
team-test1.goodhuman.me
www.goresoftware.com
app.lending.halodao.com
www.hardikparmar.dev
admin.hlo.app
www.hotcocoasoftware.com
www.houtzaagkunst.nl
nghoangphuc.id.vn
quantuanhuy225014.id.vn
app.inmoautomation.com
jamesjwarren.co.uk
julklapp.janove.hamburg
clean.jubla-trimbach.ch
resource.jud3.io
kafanakafanadjusina.com
haniuuan.kyiv.ua
www.leonardomerlin.com.br
lilyhorse.com
instahollymodels.meander.media
www.microvida.eco
www.mombo.solutions
msauw.org
www.myloko.cz
mysproutly.de
mzansicharades.co.za
www.olostan.me
links.omologherifiuti.it
onmyown.be
www.oshukai-karate-68.fr
www.ossapp.com.au
www.oussama-messai.com
paylasode.com
go.peoplex.io
www.playsquordle.com
ask.primary.org
www.readyup.win
admin.renaultbolsa.com.br
www.renzk.dev
api.rumx.app
www.sailbaikal.ru
support.saloninteractive.com
www.siete.top
www.siif.ventures
api.skilltech.team
slicesapp.com
file.sonagi.space
dala-chargers.sonice-aioe.com
www.speedyloans.co.uk
spinerecovery.org
www.stanleywkman.com
beta.stily.no
straypals.pet
www.studioileniagarabello.it
deeplinks-development.swifty.global
admin.telawa.app
tespi.ee
questioncube.games.tetherstudios.com
thewalkies.es
www.thomaszimmerman.dev
odn.titans.town
volleymania.nl
www.we4u.com.br
api.weareneonify.com
news.weezer.fr
www.wildebomen.nl
wproducciones.link
Other domains in certificate