Open
Cached
·
just now
89/100
SECURITY SCORE
Certificate Information
Subject
CN=nguyenchiencong202416432.id.vn
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
November 09, 2025
Valid Until
February 07, 2026
62 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
C5:6E:38:E6:AF:FE:2F:D8:6A:EF:F9:DC:45:22:28:9D:A7:87:7D:03:1C:92:3C:67:40:BD:94:3C:40:E1:95:E4
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31536000; includeSubdomains; preload
Content-Security-Policy
Basic
base-uri; object-src; script-src; +7 more
base-uri 'self'; object-src 'none'; script-src 'self' 'unsafe-eval' resource://devtools https://api.emailjs.com https://www.gstatic.com https://www.google.com https://apis.google.com *.googleapis.com https://storage.cloud.google.com https://www.google-analytics.com https://sentry.io https://*.posthog.com https://*.amplitude.com data: blob: https://j.6sc.co; style-src 'self' *.googleapis.com https://cdnjs.cloudflare.com 'unsafe-inline';default-src 'self'; font-src 'self' data: https://fonts.gstatic.com https://cdnjs.cloudflare.com; connect-src 'self' *.doubleclick.net https://roosterconnect.roosterinc.com http://localhost:* *.roosterinc.com https://api.roosterinc.com https://scheduler-api.kognitivinc.com undefined https://api.emailjs.com https://cdn.simplelocalize.io https://*.amplitude.com https://www.gstatic.com https://www.google.com *.googleapis.com https://www.google-analytics.com *.cloudfunctions.net https://sentry.io https://*.posthog.com https://api.imgur.com data;img-src https: data:; frame-src 'self' https://www.gstatic.com https://www.google.com https://docs.google.com https://www.youtube.com https://player.vimeo.com https://scheduler.kognitivinc.com https://app.roosterinc.com; frame-ancestors 'self' *.myworkday.com *.myworkday.net *.workday.com *.workday.net
X-Frame-Options
Excellent
deny
X-Content-Type-Options
Good
nosniff
Referrer-Policy
Good
no-referrer
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Improve CSP by adding more specific directives and removing 'unsafe-inline'
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
scheduler.kognitivinc.com
50koin.com
aesliy.com
app.afipayments.com
budget.ainahainapta.com
www.andrewjamesbaker.com
auth.astro-nomos.com
barronsmechanical.com
www.barronsmechanical.com
berdoungdee.com
besttravel-cm.com
www.bhumiandfang.com
biotnea.com
www.blueseedgames.com
pay.bozheime.com
carefulclues.com
carnetdemiquel.com
carvitae.co.uk
celorizon.com
serenadesafaris.co.tz
www.codexplosion.org
www.artukludis.com.tr
condeswift.com
www.degendata.com
community.dmcoin.co.uk
edenberg-eat.com
emergencysituationkit.com
endlessrealms.ca
eptenbe.com
equalytics.co
firstchoicecleanllc.com
www.fleshproxy.com
gfckids.com
giacomoforlani.com
gyosei-kento.com
hamllab.org
www.haybarro.es
www.homeon.ai
homevalue.ch
nguyenchiencong202416432.id.vn
fullstaff-admin.imperia.solutions
www.infinityframe.eu
initium.ai
www.jethiyahi.com
jobjolt.ai
www.jonaspiela.de
jorgeolaya.xyz
mobile.lar805.com
www.levizumi.com
lichamviet.vn
www.likkle-logic.com
dev.lollychat.ai
loveframe.site
h.lucafloesser.me
luksauto.pl
checkout.staging.manifestfinancial.com
tm.mightyscape.in
morgansdrivingmiles.com
beta.moxie.one
www.msoler.dev
nexusautomate.co.uk
big-nano.nullsploit.in
obstruction.ai
app.oorbital.tech
run.otraks.biz
phillywingsexpress.com
punubeplusalpha.app
app.qtshippingexpress.com
links.rocketroadmap.com
www.saintleodegree.com
salemhandmade.com
zoom.salesq.app
parent.devc.skool.sg
smartflyers.rentals
solbase.xyz
soliscare.ca
soludev.com.ar
spicett.com
missionviejobaseballismadmin.sqwadhq.com
tarbil-antikortitre.info
app.teloshealthsystems.com
thebppa.co.uk
thomasgrivet.fr
portfolio.threlow.com
www.tinkerersagar.com
uhub.app
docs.test.myid-idp.unifiedpost.com
validus.nexus
www.vedashil.com
www.vicenteortega.org
test-sales.viethas.com
www.vilfred.co.uk
vkram.dev
wagoncarpool.com
swm-upsbeji.web.id
ddoc-test.witeseb.website
waze.woofiepie.me
pairing.yashdagade.com
yovstudio.com
megacheck.zrm.vn
Other domains in certificate