Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=mjs.red
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
December 05, 2025
Valid Until
March 05, 2026
89 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
D5:37:E3:63:3E:D7:8A:F0:9D:59:CC:1C:C3:BB:3A:53:A1:9C:54:22:0B:73:F4:C1:C2:BA:43:0C:68:ED:FE:F4
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
stage.joinladder.com
games.23g.io
peliculitas-react.actosoft.com.mx
dsx5000.adastrahire.co.uk
www.agriconnect.ma
www.ahlulhadith.in
alcomplex.com
www.alexhilton.net
alolabsplus.com
dashboard.ar-tile.com
www.australianjobsindex.com.au
autoroster.io
behzod.dev
www.beneathourscars.com
www.boozygame.com
www.buscadorproductos.es
hive.caarya.cloud
cauzioni.cbdigital.tech
chaille.fr
sk.clau.io
app.coindev.co.kr
editor.agrolink.com.np
www.sea-traffic-personnel.com.ua
cosplaydaily.com
www.derkaan.de
diplomacykey.com
shipping.dpdgroup.uk
drcamilotorres.com
www.drinkhappy.io
dashboard.easydatagen.com
staging.ecoservicios.pe
app.ekimo.ge
admin.evertransit.com
fabienpamphile.com
laot.favric.cl
agrani-remit-admin-api.flexm.com
grow.galactichighfive.com
giorgio.garasto.me
brow-threading-studio.haitechgroup.com
trash.harkawal.com
www.hasmetalmakine.com
iceproofarctic.eu
link.iwawakids.com
fb.kainy.cn
kohrendering.com
laborerwork.com
laryod.com
dealers.leasemojo.com
left.tech
www.limoinfrisco.com
magppie.com
mattlantin.com
anesthesia.mayamd.ai
mjs.red
troclink.moloit.com
cl.moons.solutions
openteam.io
app-staging.pangosports.com
roxburgh.partnerhub.co.za
app.paypromptly.com
pedrocordeiroodontologia.com.br
pepyfy.com
www.playautocrats.com
auth.qipu.com.br
rapttechnologies.com
dev.regenenergy.io
regularanimals.ai
add.ricaun.io
auth.rumik.ai
percept.saurabhagat.me
warren.scantlebury.io
gotime.shambhalamountain.org
shelps.com.br
www.shotjeslijst.nl
www.sid426.dev
www.simpleclub.fr
doctor.skinvoyance.com
slimstladen.nl
5mhm8te3yuzrv54gmvan.smartimob.io
laundry.smarttoolscloud.com
www.solonevich.com
auth.soompi.com
www.spottea.in
neue-wege.stradner.coach
www.swiftinstall.ca
user.jupiter.test.synthesizer.tokyo
business-staging.talenttoute.com
thunderapp.com.ar
apps.to-hu.com
tombaranowicz.com
tshikhambegroup.co.za
freee.usk.biz
dashboard.v10n.com
jade.valets.app
www.vectotech.in
fastcoding.vertion1.com
zahle.wanke.jetzt
yeshostelvarkala.in
www.zharco.com
auth.zoetranscribe.com
Other domains in certificate