Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=sjip.org
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
December 04, 2025
Valid Until
March 04, 2026
88 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
EB:2B:60:41:36:54:71:05:B5:09:8F:3A:A6:88:56:93:B9:B8:6E:89:8F:96:8C:1C:CB:E0:CD:E6:99:0F:1D:90
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
mysticalscrolls.com
api-services-portal.5inline.io
personnel.academyservices.com.au
internal.acuizen.com
test.aeat.us
aimftw.gg
alexanderristinmaa.se
enterprise.appointer.com
dart-calc.arefakminasi.com
bestgolfcarts.ca
btcustomertest.boothtransport.com
www.bw-therapy.com
change-education.co.uk
drive.cityrelaysolutions.com
static.codeconecta.com
app.collabble.jp
easyfact.com.ec
cyberaid.etele.com.ua
www.comettai.com
swig-uat-orders.crispnow.com
www.cubostecnologia.com.br
cubsstatues.com
www.dmasters.in
dssdglobal.org
enlinje.se
www.expresssrh.com
fambook.org
link.fikachu.com
firebeast.dev
gastro-hub.de
www.giobs.app
www.gosnowstorm.com
hamily.life
www.helenasiding.com
hisaabkitaabapp.com
homemutualins.com
ilariabonadiman.it
dyslexia.imh.academy
www.incupie.com
ditoefeito.infinitifood.com.br
www.inishare.com
inspiritek.com
isorokina.com
hubs.beta.janitza.cloud
www.junaidabd.com
jyothishgompa.com
event.kekl.org
kepsi.eu
proposal.koptional.com
downloadall.medyatarayici.com
app.modi11.com
moodfood.xyz
links.uch.mycareplan.health
www.myndwave.com
nileshpranami.in
dashboard.nodogoro.com
cp5759190147530752.order.place
test.orderplace.cn
exewrap.oss.onl
perro-solutions.com
www.pinkhamtraveler.com
www.pongo.us
demo.portfoliolink.co.za
links.portal.ridealto.app
www.admin.rieticket.com
www.rijenreis.nl
polecam.rosmedia.pl
sainkaconstruction.com
www.schedulesmanager.com
www.shield-dms.com
clientes.shieldmoto.mx
shoppenob.com
shrys.dev
sjip.org
thetomorrowplanner.smallblueidea.com
www.smartpredix.com
vivaforma.sogafit.net
solarify.com.br
soyrecords.com
preprod.speakylink.com
www.stalukdar.dev
stanford2022nft.com
mass.stmath.com
www.superdash.in
surgeconsulting.pl
bodaarguetamenjivar.swanmoments.com
www.takaomatt.com
talktobuddhaai.com
tanukitech.dev
www.tartugeo-podcast.com
the-thompsons.com
www.theroyaldeco.com
fisioactividad.timp.io
www.tiria.org
app.tourdecrux.at
veventplanners.com
www.villanyszerelespecsett.hu
wartutor.com
www.watchingorder.com
invitedev.yuvime.com
Other domains in certificate