Open
Cached
·
just now
76/100
SECURITY SCORE
Certificate Information
Subject
CN=vayas.it
Issuer
C=US, O=Let's Encrypt, CN=R12
Valid From
February 10, 2026
Valid Until
May 11, 2026
89 days
Public Key
RSA
4096 bit
Strong
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
43:8C:8F:51:9F:DE:81:A8:26:F8:40:20:47:DC:0A:47:75:0D:CE:B9:63:32:85:1E:94:1B:D7:59:0F:3B:8A:F8
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Missing
Not configured
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Add Strict-Transport-Security header with max-age of at least 1 year
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
89 domains
qr.id
*.qr.id
*.a.qr.id
*.aji.qr.id
*.al-irsyad.qr.id
*.alsofwah.qr.id
*.aminef.qr.id
*.apjil.qr.id
*.apsi.qr.id
*.aswandi.qr.id
*.ban-sm.qr.id
*.bansm.qr.id
*.bloggerindonesia.qr.id
*.cfg4.qr.id
*.csrc.qr.id
*.damandiri.qr.id
*.dana.qr.id
*.dirgantara-lapan.qr.id
*.e.qr.id
*.elsom.qr.id
*.fast.qr.id
*.gaikindo.qr.id
*.gtzsfdm.qr.id
*.ibnukatsir.qr.id
*.ikasma2pdg.qr.id
*.ispa.qr.id
*.k6menaq.qr.id
*.kadin-indonesia.qr.id
*.kaltimprov.qr.id
*.kehati.qr.id
*.kemkes.qr.id
*.keuangan.qr.id
*.kopertis6.qr.id
*.mec.qr.id
*.media-islam.qr.id
*.milanisti.qr.id
*.muhammadiyah.qr.id
*.muslim.qr.id
*.nurmal.qr.id
*.nyem.qr.id
*.olimpiadeagpaii.qr.id
*.original.qr.id
*.penabulu.qr.id
*.perbarindo.qr.id
*.pssi.qr.id
*.puskur.qr.id
*.qmim.qr.id
*.rawdata.qr.id
*.sekolahdesa.qr.id
*.smart.qr.id
*.ub.qr.id
*.wildcard.qr.id
*.xn--dec-mma.qr.id
*.y.qr.id
*.ymh.qr.id
*.ysattegal.qr.id
*.0094ef02-38e6-44c3-b46e-4222a5001f7e.autohit.ca
autohit.ca
*.autohit.ca
*.dev.autohit.ca
*.vpn.autohit.ca
barbaradevil.com
*.barbaradevil.com
*.members.barbaradevil.com
*.random.barbaradevil.com
*.ww38.barbaradevil.com
healthjournal.space
*.healthjournal.space
*.webmail.healthjournal.space
*.hotfix-jenkins.jopaint.com
jopaint.com
*.jopaint.com
*.sitemap.jopaint.com
permainpg.com
*.permainpg.com
*.vpn2.permainpg.com
*.openmind.psicologos.com
psicologos.com
*.psicologos.com
*.webvpn.psicologos.com
*.hostmaster.thunderball.it
thunderball.it
*.thunderball.it
*.hostmaster.vayas.it
vayas.it
*.vayas.it
*.wakkl.xn--9kqy4sc0nmc850m.xyz
xn--9kqy4sc0nmc850m.xyz
*.xn--9kqy4sc0nmc850m.xyz
Other domains in certificate