Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=philips.thewonderofyou.io
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
October 10, 2025
Valid Until
January 08, 2026
47 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
69:8E:01:3B:29:B8:60:A4:E1:77:98:FE:45:B4:48:38:C7:43:B7:72:0F:8D:1D:84:85:A3:5B:DE:F1:67:A5:59
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
demo.slavemgmt.com
2018.ngvikings.org
abracadalo.com
admin.accountswitcher.app
alastudy.kz
ohne-zeit.amateurinmotion.com
in.andrewhowden.com
androidboss.com
www.anjnajoshi.com
links.aop-campus.com
profile.arkdating.app
www.arquant.com.ar
bergmann-studios.com
berkacar.com
binarybrust.com
blok-academy.com
blueborealis.com
cherylsimmons.net
kibana-bagelcode-starspins.circuscode.com
circuspremium.com
gigante.copsis.com
corpdev.ai
crazysoccer.no
cvl.ai
dashport.run
poste.decodedetroit.com
delbee.mn
delegatewith.me
devendran.dev
divinecaremn.org
www.dogure.com
emmanuelimhontu.se
empowermentaltherapy.com
ententecitoyenne.ch
eulerlabs.io
ezegallery.com
www.feed-car.com
gronstedts-timeto.folkofolk.se
admin.getluvu.com
www.haeywa.com
www.itscoastal.com
dev.journeymakr.com
justsomehelpnj.org
www.kitesprepschool.org
kongeladus.com.br
kothinker.com
leaderboard.cc
linkbus.app
www.malcolmhaslam.com
nuxt.blog2.maxentwickler.site
www.microskin.beauty
mymym.com
croatianchurch.myradiotvapp.com
navus-consult.dk
academy.nextmove.nl
ninety180.com
www.clemson.nkportfolio.com
crazy-ball.demos.nuboservo.com
www.octopiagames.fr
www.pankajacreations.com
parentsinclusionnetwork.org.uk
sources.pathfinderpad.com
api.puckdrop.app
quickmaths.online
discord.randomdice.gg
rebornagain.art
www.regentaenzer.com
renneshd.fr
anw.rxcx.au
share.satyaniti.com
scan-happy.com
auth.scarlettwhitening.com
roadrunners.seasonshare.com
setlist.dev
labels.sfmtools.com
shishyaa.org
smartwrite.app
bcheroes.sqwadhq.com
pro.sterilwize.com
strimatiq.com
tampamariam.org
techbruder.com
philips.thewonderofyou.io
share.tonit.com
toprealty.ru
viziere.totalgravura.md
www.ulisti.com
medigap-api.utah.gov
app.velauto.com.br
vlaci.com.ar
www.vnyreddy.com
www.way2think.com
womandiary.app
worklibrary.link
link.yardzen.com
www.yeetapp.com
yektademirci.me
yomwp2p.com
go.zapier.net
zyadashop.app
Other domains in certificate