Security Score: 77/100
Certificate Information
Subject: CN=referral.edenfarm.id
Issuer: C=US, O=Google Trust Services, CN=WR3
Valid From: September 26, 2025
Valid Until: December 25, 2025 (37 days)
Public Key: RSA, 2048 bit (Adequate)
Signature Algorithm: SHA256-RSA
SHA-256 Fingerprint: 08:38:A8:75:D3:FF:0D:CB:C6:48:F2:85:2A:F5:10:2F:E1:4A:C2:A7:9C:1A:E9:F5:C0:26:BA:1B:0C:F4:A4:AB
Alternative Names
Security Configuration
TLS Protocols: TLS 1.3
Forward Secrecy: Supported (Modern clients use PFS)
HTTP Security Headers (Status)
Strict-Transport-Security: Present (max-age=31556926)
Content-Security-Policy: Missing (Not configured)
X-Frame-Options: Missing (Not configured)
X-Content-Type-Options: Missing (Not configured)
Referrer-Policy: Missing (Not configured)
Permissions-Policy: Missing (Not configured)
Recommendations
- Increase HSTS max-age to at least 1 year and add includeSubDomains
- Add Content-Security-Policy header to prevent XSS attacks
- Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- Add X-Content-Type-Options: nosniff
- Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records: Not Configured (Any CA can issue certificates)
CAA Issues
- No CAA records configured - any CA can issue certificates
Recommendations
- Implement CAA records to restrict which CAs can issue certificates for your domain
- This adds an extra layer of security against unauthorized certificate issuance
- Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
Other domains in certificate