Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=www.jonathan-thai.com
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
December 05, 2025
Valid Until
March 05, 2026
51 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
53:4A:87:99:54:F5:83:F4:59:C0:DF:DA:2F:E6:F3:18:90:98:FC:25:48:E1:3B:F1:D5:09:5A:46:F9:15:FA:2E
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
act.hemisphere.digital
36mustory.me
www.acuteplus.com
alejandro-morales.com
dev.aliroimmigration.com
arcticpipe-weldservice.fi
www.arugampul.in
www.badomate.hu
www.bepricewise.com
bizgrab.io
www.boostframe.com
www.booze.one
carbonera-app.com
www.christellendaya.com
christiankonnerth.me
cp.clatas.com
mueblesorts.configuradordeco.com
coseats.co.nz
demo.creditpro.hu
mycalfeed-for-ofw.crownaddons.com
curiouspark.com
dbyagmich.com.au
deadculture.co.uk
dugunasistan.com
eksnuoma.lt
is.fancrew.jp
fanta22.it
a07k.foodle.su
francessibilite.org
froono.com
fruehstuecksheld.com
pos.galileo.ga
leitor.gen-t.science
giross.com.br
app.staging.goarthur.services
web.gogogarden.com
einheit.gostudent.at
groover.live
grows.global
patient.gtsvirtualhealth.net
gp.hildobijl.com
www.huggableheart.com
hellom1nh.id.vn
nguyenthithuydung20224958.id.vn
www.imoveisbaruffi.com.br
auth.informedopinions.co.uk
chevxeron-advisors-stage-8.ischoolconnect.com
beckon-shop.iwind.co
www.jcdubeavocats.com
www.jonathan-thai.com
payments.kiranafast.com
dev.locumotion.co.za
dev.ltax4.info
www.lubanco.net
www.mdln.com
admissionsgateway.metis.club
www.minhlam.dev
minimalno.info
moncayorural.com
app.mydogsociety.com
app.nami.africa
www.nebula.nyc
www.nicholastobiasart.com
next.noreply.link
accounts.dev.novafutur.com
nutnut.pl
app.nvhaemers.be
www.partyhouse.tv
www.hakki.pedidomovil.es
penglenghok.com
app-dev.perkypot.com
admin.phlex65.com
pianodash.com
qa.qualiphy.me
results-integration.quantifiedcitizen.com
rafivegas.com
st.riddler.co.jp
demonstracao.lab.sistemasnemesis.com.br
smartiron.app
www.sneltoegankelijk.nl
ce.socialsport.com.br
staffway.com.br
www.superspesaonline.it
www.suvanto.be
sysd.in
shiloh.thediners.in
thepalmastore.com
app.trainifier.co
www.trashmanjohn.com
invite.trimnewyork.com
www.trymetri.com
launchfactory.turbosbir.com
uchurch.live
demo.backoffice.uveye.app
www.vibezsecurity.com
www.wikiu.app
xpensease.com
www.buy.yoyoreact.com.au
www.zhe-liu.com
appstaging.zingoy.com
Other domains in certificate