Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=www.jx.fi
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
September 29, 2025
Valid Until
December 29, 2025
50 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
8E:B5:EB:57:31:BB:AB:77:0D:36:9E:75:A9:BA:D4:CE:88:6D:E4:7E:52:51:FE:75:5D:C2:44:AC:44:51:A9:96
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
typingwarrior.com
kimball-config-cert.3dcloud.io
420iq.lol
signup.acuval.com.au
agentairforce.com
auth.anymark.co
ngsprekanchanhadmin.auxswot.com
blanxlait.com
casagrandeleiloes.com.br
sabor.clau.io
clotidal.pl
clubfrolic.com
bank-prod.grobox.co.ke
wazomojafcs-staging.grobox.co.ke
cotools.cc
cradle-app.net
ctaddonshub.com
databrokers.cl
www.deplostudio.com
www.eighteen04.co.uk
enduri.ch
www.enrollmedicarecenter.com
pqs-noodplan.facet-accountants.nl
service.fazendacoffee.com
fsocietysj.com
gachemicalsrls.it
getdailyscore.app
getdailyscore.com
giostech.com
www.giostech.com
app.goalplan.com
next.goalplan.com
www.gradtrack.co.uk
hack-track.com
app.hiring-assist.com
bernie.hovercast.live
inkrhub.com
www.itsadeal.app
jutuksi.app
jvt.ae
www.jx.fi
kalanavw.com
admin.karpura.app
lentoon.fi
www.lexflowapp.com
www.makapartners.com
mamasnectar.com
mammactive.com
miniyatra.com
mrjx.us
multigenderhebrew.com
mvmuralt.com
www.mvmuralt.com
care.neuvo.ai
developer.neuvo.ai
resource-sharing.nextpak.org
www.orchid.garden
originalsolutions.consulting
test-stage.ownhome.app
admin.parallelfluidics.com
petprojectsatlas.com
phandar.club
pigeonpost.in
pratikchauhan.com
preselix.id
www.prim.space
www.rehanhajee.com
reportinsight.info
switchboard-test.sandboxvr.com
switchboard.sandboxvr.com
auth.oidc.staging.senecalearning.com
servicios-sauce.com
shieldautostore.com
aolmigration.shuttlecloud.com
simplelm.com
www.sindicato.app
sketchai.art
spotpack.com
squatchnosh.com
tagomori.com
techcraftpanda.com
www.thegameslab.net
www.thenineelements.com
tokenkazan.com
admin.transect.com
platform.transect.com
trybguet.com
ugatta-llc.com
www.uminek.ooo
page.until.blog
www.vault-portal.com
verdiapp.com
videoconverterdownloadermp3.com
www.whendoibreakeven.com
wormbinquinn.com
xaiexchange.com
www.xmarksthespot.in
zephyrway.app
zoesever.com
zwapy.com
Other domains in certificate