Open
Cached
·
just now
76/100
SECURITY SCORE
Detected Technologies
Certificate Information
Subject
CN=jamstack.co
Issuer
C=US, O=Let's Encrypt, CN=R13
Valid From
May 11, 2026
Valid Until
August 09, 2026
72 days
Public Key
RSA
4096 bit
Strong
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
5F:45:B4:ED:44:1D:D7:7D:18:04:38:0E:27:77:A3:A1:76:C6:DA:37:28:BA:B5:85:8C:2E:97:5A:01:93:CD:26
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Add Strict-Transport-Security header with max-age of at least 1 year
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
89 domains
itsnp.org
*.itsnp.org
*.certification.itsnp.org
*.discord.itsnp.org
*.group.itsnp.org
*.hosting.itsnp.org
*.vrittechnologies.itsnp.org
*.workshop.itsnp.org
*.api.clearingdomains.com
*.backup.clearingdomains.com
*.c5b59122-fa2d-4223-a154-43ef51b6f5e6.clearingdomains.com
clearingdomains.com
*.clearingdomains.com
*.dev.clearingdomains.com
*.staging.clearingdomains.com
drivethroughpay.com
*.drivethroughpay.com
fluffyfrenchyz.org
*.fluffyfrenchyz.org
*.secure.fluffyfrenchyz.org
*.sitemap.fluffyfrenchyz.org
*.connectvpn.gfdf.org
gfdf.org
*.gfdf.org
*.sslvpn.gfdf.org
grviv8.top
*.grviv8.top
ilovesushi.co
*.ilovesushi.co
jamstack.co
*.jamstack.co
jointhedonuthq.co
*.jointhedonuthq.co
ju219.cc
*.ju219.cc
jumbomortgage.xyz
*.jumbomortgage.xyz
kcyaq.gdn
*.kcyaq.gdn
killerfinds.sbs
*.killerfinds.sbs
ktmai.shop
*.ktmai.shop
kwc86.icu
*.kwc86.icu
lakeviewloancare.xyz
*.lakeviewloancare.xyz
laser-liposuction-2.sbs
*.laser-liposuction-2.sbs
*.hostmaster.lifeprotectioninsurance.com
lifeprotectioninsurance.com
*.lifeprotectioninsurance.com
*.m.lifeprotectioninsurance.com
*.mx.lifeprotectioninsurance.com
*.rd.lifeprotectioninsurance.com
*.rds.lifeprotectioninsurance.com
*.rdweb.lifeprotectioninsurance.com
*.remote.lifeprotectioninsurance.com
*.www.lifeprotectioninsurance.com
morrpay.com
*.morrpay.com
myexpedientinfozone.co
*.myexpedientinfozone.co
*.com.myredpacket.com
*.cpanel.myredpacket.com
*.cpcontacts.myredpacket.com
*.ftp.myredpacket.com
myredpacket.com
*.myredpacket.com
*.www.myredpacket.com
openexpedientonline.co
*.openexpedientonline.co
paintvision.click
*.paintvision.click
planetlabs.us
*.planetlabs.us
realityhireboost.social
*.realityhireboost.social
thinkbowerylegal.com
*.thinkbowerylegal.com
thrcandicevernonshow.com
*.thrcandicevernonshow.com
*.ww12.thrcandicevernonshow.com
*.ww7.thrcandicevernonshow.com
*.m.vax.cash
vax.cash
*.vax.cash
w8wo5cyr.xyz
*.w8wo5cyr.xyz
Other domains in certificate