Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=playground.codingninjas.com
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
December 25, 2025
Valid Until
March 25, 2026
88 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
1D:A2:4F:2B:B2:52:22:46:10:49:BF:D1:8D:AE:21:8D:CF:AD:06:0A:47:BE:BD:8C:C5:C1:47:7B:AE:F3:49:82
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
editor.gaya-app.com
sketch-for-jira.42nd.co
weighbridge.acuizen.com
www.affixcard.com
admin.ag-kiosk.ovh
andrercarvalhoadvocacia.com.br
www.animalhealthcost-benefit.com
appwetutor.com
bamashower.com
be-raad.be
innsikt.bilista.no
blissboutique.vip
booking.byoraprivateoffices.com
capturemate.com
www.carnegieclassic.com
ekincan.casim.net
www.catawbaindianscamps.com
clipule.com
cnkamsterdam.com
ksa-registrations.co.ke
chibogmizer.codearmy.dev
playground.codingninjas.com
rastrear-guias.coordinadora.com
crajit.com
crmnl.international
auth.flexport.cyberhaven.io
dalmiajansevatrust.com
www.danielpatnode.me
homeadmin.dbcphysioasia.com
docsprocess.com
transontruong.dstteam.com
www.e-cono.fr
www.ediledm.com
data.test.einfachgast.de
dashboard.estatesync.io
estr.cymru
api.exerscreen.com
fareastenterprise.com.au
admin.favsalon.com
www.admin.freestyle.gamma.fayd.app
stage-www.finisher.co
dev-affiliate.fix4.com
api.frutify.co
geteternalapp.com
testing.gets.cloud
www.habitminder.com
www.hurtgirls.com
member.iosdev.com.au
jeankelleymd.com
jeanyves-gauthier-psychanalyste.com
www.jooni.app
joshlunn.com
kaijucrunch.com
kids-playbox.com
app.kushscan.org
www.landmarkt-hammereisenbach.de
auth.luminawellnessapp.com
www.matthewforrest.co.uk
maxbet88.asia
dutchlady.mebooks.co
www.milosexoticsnack.com
backend.mipelvis.com
test.miversio.com
mrsgreadingroom.com
navadev.studio
neuro-sense.ai
octanesoftware.store
applink.nu.or.id
pascalhostettler.ch
paynespickles.com
pedrs.org
pendable.xyz
marlink.pensioenbij.nl
plantora.com.br
www.quillatwill.com
radicallyher.co
preprod.briowireless.recursyve.dev
sairakesh.dev
sommerogfritid.dk
www.svmtapioca.com
tools.sweeven.life
app.tbchart.xyz
thedoorofficial.pt
thenaukriwala.in
www.thepmnotebook.com
www.tina-app.com
www.tovainc.co
therapy-seeker.tryatherapy.com
www.tvdhwani.com
agency.tydo.co
www.tylercoopernd.com
verifix.in
vfprints.store
ica.viveit.cl
development.vocabularily.com
vuliscore-medical.co.za
wgt.me
www.whiteskydev.com
business.wmtu.fm
yebopets.co.za
Other domains in certificate