Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=focus.jacobjans.com
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
October 15, 2025
Valid Until
January 13, 2026
41 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
12:B1:43:DD:99:97:CB:D2:A5:FD:0D:22:F0:83:03:02:E5:61:CC:C4:A4:96:BF:8F:76:A6:DD:1F:DC:56:6F:BA
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
sync-works.co
calcountly.adrianobp.dev
bonnier.adssets.com
annoframe.com
askwello.com
athhr.com
lms.atomx.asia
bacnpm.com
www.bcast.world
www.bodysecret.in
auth.bonusapp.app
duckytracker.bradleywilkerson.com
app.btpro.it
bytestrone.com
smartappv2.tstgotyme.com.ph
mebs.com.tr
play.commandchess.com
corelytixai.com
csfactorynw.com
customcontractingandconsulting.com
auth.dz.cyberhaven.io
deliverygrumpychicken.com
dev-nb.de
fmm.dimarmultiservices.com
dougmart.in
www.elombekisala.com
jissen-7003o.elvn.tokyo
energia.delivery
engleski-instrukcije.com
www.enhob.com
widgets-uat.equix.app
app-staging.fillerupemployment.com
finix.auction
ib-wuellner.finnweiler.de
firedoorportal.com
professional.fit-in.ai
flirtquest.ai
operator.flywheeldispatch.com
fuzzymoos.com
towerstream.getinternetbackup.com
stage.golant.app
dev.graceblocks.com
www.haklnatomislavu.com
little-artworks.shops.hexfex.com
www.hibbertzsurveys.com
www.huakar.com
www.hypnosepunkt-roos.de
www.ijas.dev
focus.jacobjans.com
joselel.com
kanserien-se.kenartmedia.com
khukuriinnepal.com
kingfisherboatclub.com
www.laze.build
www.localbuddy.co.uk
www.locatortt.com
www.lookmycv.com
www.mayasayurveda.com
mgma-mm.com
unfriend.miinosoft.com
www.million-steps.com
vera.millionways.ai
myemailaction.com
nervesystemshq.com
www.nervesystemshq.com
google.neura-app.com
noticiasdeurgencia.com
www.nouf.website
oknow.com.au
olemasport.com
www.oliuni.com
center.paseo.org.za
www.panchreston.co
www.pandavideochat.com
premiumhubbly.com
rescatetecnico.com.ar
www.rooma.in
rubaai.net
www.rudrassllp.com
www.samuelewalzer.com
smiterandomiser.com
sparklingdesire.com
www.srdirect.org
teammulima.ca
teatweaker.com
techsolutionccs.com
www.terrapit.com
theprovidersglobal.com
sim-register.thetechery.au
www.timmothymerath.com
link.toeflacademy.id
fb.tristar.group
www.urban.immo
vehiflow.com.br
vne0n.com
whatrsome.com
world-lottoen.com
www.ycbh.in
yeditepenailart.com
staging-live.zoiclabs.io
Other domains in certificate