Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=staging.qjamin.id
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
November 18, 2025
Valid Until
February 17, 2026
81 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
28:70:1C:9C:44:FA:B1:1F:C7:66:A4:E9:DB:64:AB:4F:B4:E1:10:BE:1E:E1:9D:7A:49:29:AB:C8:29:B3:A6:18
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
admin.hairtect.jp
line.dev.hairtect.jp
5mlife.net
afilliatenetwork.com
aiguide360.com
aijobshunter.com
en.angula.app
animalnet.app
arestaintuitiva.pt
admin.asc.education
batista.digital
bidaia.travel
app.cecomunica.net
www.celebrates.events
www.chalker-pr.com
www.direct-law.co.kr
test-api.cryptoraiders.xyz
www.desserti.io
simet.devspace.com.mx
digitxtra.com
firebase.diretodostrens.com.br
link.dogcat.app
donnellytech.ca
www.easyautomaticlessons.co.uk
erikschu.com
finhawk.app
howserwin.florianmaier.io
fryerenergy.in
www.gamesgrid.me
gezery.studio
gofent.com
hassan-ali.uk
healing.earth
www.initium.ai
www.inspectie.app
istminstrumentacao.com.br
auth-dev.licensing.itopia.services
jobexpress24.in
www.jointoyage.com
www.jones.co.nz
www.joyasroger.com
www.hml.keepfacil.com.br
kunalraj.dev
www.machinique.ai
weblab.marceloconceicao.com.br
mathblast.me
main.mavenai.app
teleicu.medeintegra.app
tabs.mobilenxt.app
modulo.llc
www.musfalle.ch
www.muss-nicht.de
survey.mymoodbit.com
smartconsultancy.net.in
www.nextstack.co.uk
link.nutriplus.app
auth-worker-portal-stg.opusasia.io
admin.teknohama.or.tz
piltoverpost.gg
www.pitted.app
pixel16.com
www.pmcuae.com
www.pricemycar.me
przemec.dev
app.qeel.fr
staging.qjamin.id
admin.qre.dev
app.staging.qumulex.com
raymundo.xyz
rocketcapital.ai
signup.rotapad.com
routezero.world
sam-technologies.co.uk
selinho.app
www.selinho.app
simplicitymadeeasy.ca
sticky-day.com
dev.talentlinq.io
vma-demo.talentlytica.com
buddycenter.teawaterwire.dev
techpals.info
auth.testmasterhub.com
www.thehandyjuan.com
www.thewildcallsresort.com
tweet-reader.com
auth.ubistock.com
www.universelab.kr
fire.unreasonablegroup.com
popplayer.usertesting.jp
utruckie.co.za
www.utruckie.co.za
visionliner.solutions
inventar.visure.ch
vlad-chistyakov-market-project.ru
uplink.westashleyrobotics.com
iradio.wiselysoft.com
wishtag.app
www.app.yallafalla.com
yansnote.com
www.youtube-music.com
Other domains in certificate