Open
Cached
·
just now
77/100
SECURITY SCORE
Detected Technologies
Certificate Information
Subject
CN=www.tonyandjimsplace.com
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
April 14, 2026
Valid Until
July 13, 2026
70 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
56:B9:8B:F3:6F:F8:99:C5:F5:FD:48:40:2D:A1:5C:8B:79:A9:AA:CA:4E:4F:F4:00:B2:05:D9:BE:73:CC:B9:5F
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
codexaapps.com
www.aivree.io
alphaspecstech.me
cells.appnho.com
oticasdiniz.appshare.com.br
www.autoroster.io
test.autovist.com.br
hire.auzmor.com
www.aviad.dev
bestmormon.com
leaderlabs.bestselfy.com
nushima.brilliant-therapy.com
budgetpal.app
www.cleverblocks.io
reset.cliparc.world
cicumikuji.codeful.dev
government.ada.chat.codewell.ai
cuttingedgeglassworks.com
www.cuttingedgeglassworks.com
rpg.d9.monster
datarapor.com
dhwayam.com
sisar.eletechautomacao.com.br
olotila.entyvio.fi
klikd.falkor.io
fedigmaforge.com
bcn.fitdatapro.es
fitmate.co
www.flapps.de
www.flytinary.eu
promotion.francispradel.fr
gfgdota2.com
embed.gradefilm.eu
guhn-kfz.de
www.guzoom.com
haseeb.no
www.hasini.lk
www.hotelrestaurantdusoleil.com
imanservices.com
search.inagep.com
www.inspirapmc.com
oleksandr-valeriia.invito.link
juliojavieraguilar.com
www.dev-clientes.k-9apps.com
keybrane.com
lemurdescoms.fr
www.libertarianism.info
www.littleoraclespreschool.in
liwaza.ai
stmichaelscu.lunaconnect.app
lxrose.org
me2wind.me2soft.com
link.medbyme.fr
api.medeve.com.br
www.miguelaenlle.com
mlm.milktech.io
teacher.exam.mylearned.com
tv.mynt.in
www.n8nautomation.expert
nagycoin.com
navatar.live
ndiesslin.com
nkyibrothers.com
stg.ordee.io
owqlo.com
ig.parkalot.io
pdf-il.org
www.pdflyte.com
www.playsemantree.com
powerhousefitness.app
quotationwizard.produvar.com
api.staging.reach4help.org
recipetracker.net
floorplan.rf.live
riskycalci.com
meme.rolipoli.xyz
www.samneat.it
sergfurtak.com
www.signalventures.ai
www.smartsolutionsdeco.com
www.sparkup.uk
startest.in
www.sweetera.de
link.tabee.app
download.tarteel.io
vsight.technotrans.de
text2test.eu
www.thehousestacker.com
thestemgeeks.org
www.thomasandcopy.com
benched-dev.timewiz.io
www.tonyandjimsplace.com
link.trucksnb.eu
www.utah-directions.com
app.vdh-eventsupport.be
www.vermehrung.ch
voraluxury.com
waveskill.com
www.zaryab.work
www.zentago.io
Other domains in certificate