Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=www.kjmtradingltd.com
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
October 10, 2025
Valid Until
January 08, 2026
36 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
07:56:8D:CA:77:E4:31:C5:F9:28:B1:A0:76:F8:1B:76:E7:8E:74:F7:84:B4:5D:EB:88:09:91:CD:02:EE:05:04
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
www.admin.printingw.xyz
adrianalan.me
aeromedprimeconsultancy.com
amrush.dev
xai.ankor.us
www.antillect.org
antoninofisichella.com
www.aprohirdetes.com
test.art-korolev.ru
demo2.bastionresearch.com
batchbase.de
bancobase.biibiic.com
qacotizador.biibiic.com
uatquadriga.biibiic.com
vidanta.biibiic.com
yanfeng.biibiic.com
blogwithnurses.com
brainbankai.xyz
brunabarone.com
cafedeschiens.com
auth.capplica.com
cardhippo.com
citygeometrix.com
cliquebeirut.com
myseries.mako.co.il
weddings.studiorami.co.il
codeible.com
www.byveri.com.tr
resumensoluciones.copsis.com
app.cord.tech
dac-repairs.co.uk
detetivepoo.com.br
app.dieta17.pl
discordclique.com
www.dnlogis.com
bank.enciu.ro
www.estebanlocutor.com
www.fabiobonadiman.it
fluzze.ca
futureforwardcs.com
endlesssiege.games235.com
tinyfishing.games235.com
www.givingtreeventures.co.uk
www.greenpenstudios.com
www.hexaq.ca
www.usca.ihhsfair.com
www.inovie-scan.fr
www.jeppisjazz.fi
www.kjmtradingltd.com
www.ladispensadiirma.it
www.leejacobsz.info
www.lemontoes.com
staging.lenti-contatto.it
www.faq.lessondepict.com
macrocosmcapital.ca
www.mariusproton.fr
mdearthmovers.rs
p.mss.io
mtrreport.xyz
www.shop.mynooci.com
mta-sts.nakano.biz
memory.navigators.de
staging.net.in
www.netmania.cz
nikolaevadesign.com
dev.together.nthn.io
ordish.co
deep.iotbit.otobit.com
www.phil-ge.de
pipcoin.vip
legacy.pogotowie8klasisty.pl
www.postpost.it
demo.qafcom.com
edificiodoparque.rar.pt
rurito0125.dev
cguide.samventocilla.com
www.sanchte.com
skypalooza.com
sloppylopez.com
songahm.spoty.dev
app.ssmbadelaide.au
tabnzgallery.online
www.thelogbook.app
fire.tobb.be
cms.koopman-offers.touchwonders.com
travaylafer.com
tryckkort.se
tumashev.com
ilsalotto.uebify.io
integration.espace-accedant.upbycellance.com
www.uvacellar.com
www.valoradesign.cl
admindashboard.viralfission.com
referral-app-admin.vitas.com
www.vonkalckreuth.eu
warpprism.com
www.windupmusic.ca
hafilaty.wiotschool.com
zdravevski.pro
www.zulu.video
Other domains in certificate