Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=jackthaiemenu.triggersplus.com
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
December 21, 2025
Valid Until
March 21, 2026
72 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
E9:78:96:78:0B:A7:92:9A:EF:F2:52:A5:A5:7B:D1:EC:EB:B8:69:77:DB:AE:6B:7F:D8:3D:78:EE:B8:70:B8:5F
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
aur.bo
4t.cl
www.5binvestments.in
app-s.alter-5.com
amaliaalibaev.com
api.siyasat.andresito.xyz
www.art-is-everywhere.com
triplewhale.artbyciara.com
gamecube.arthurbaron.fr
apdealershare2.autoplac.pl
averyano.com
gamesadmin-slots1-gs.bagelcode.com
dev-view.barleyboard.com
www.basyl.health
www.betterthannull.com
cdlmaster.info
www.clenz.app
ocr.collinj.dev
www.hippo.com.bo
coveda.in
www.lnk.criiit.com
www.denverlumberlaboratory.com
port-clone.devez.net
doocteur.fr
doodleclan.com
links.dreameen.com
echodydx.com
eclipselegal.ai
clientes.eljordan.co
www.ellastonecollective.com
admin.emboldentechnologies.com
www.familyfraternal.com
fennspec.com
find-words.com
agency.fiyom.com
fmfta.mx
www.g-shipping.it
grocerydepotms.com
henryjirvine.com
hidekazuyokoi.com
www.inproveda.com
isitraidday.com
auth.itest.ie
www.itmiz.com
tui-widget-sandbox.joinsherpa.io
www.kappalucky.dev
blog.kukerja.id
advise.loopcv.com
www.loreatlas.com
medicx.madhive.com
mahkotabumi.id
www.mdubowskidesigns.com
www.meandblush.nl
www.merickston.com
metaforgeapps.com
kiriwasco.metisinformationsystem.com
triagem.mmurad.com.br
links.health.moneytrack.io
mydavco.co.nz
www.myerst.dev
ecdev.nxgsoftware.dev
pitstopleaderboard.nxtinteractive.com
www.oksi.fi
examples.ourcade.co
www.passionlocker.de
pazar.io
o.posible.in
www.probusodontologia.com.br
querymax.fyi
razz-apps.dev
onf.re2fe.com
revalier.ch
rudych.com
connect-ng-carrier-loadboard.rxoconnectperf.rxo.com
www.sarmadmakhdoom.com
scalifix.com
schumitzky.dev
www.skaimmsoft.com
www.slashbear.com
solotraveler.club
app.sortyourshift.com
www.sportiner.com
sureshgosavi.com
surfalgo.io
cse.tac-strm-sds.com
thejour.nl
www.theslice.shop
tigerhawkt3.com
jackthaiemenu.triggersplus.com
tsunatsuna.com
ttdyce.com
tyrannoapartment.com
www.userbit.com
vidi.asia
vladimirbujanovic.com
wherethewildbeersare.com
wksalon.com
staging.wordcabulary.com
wtrandwoods.com
yorimichi-hokkaido.com
Other domains in certificate