Open
Cached
·
just now
72/100
SECURITY SCORE
Certificate Information
Subject
CN=www.taxauditor.or.th
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
October 04, 2025
Valid Until
January 02, 2026
39 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
0A:71:AB:E4:AA:8E:EA:C5:CC:35:DA:91:A7:A3:94:95:A2:E1:DE:43:E6:A3:8C:83:BF:6D:9B:8C:28:B3:33:DB
Alternative Names
Security Configuration
TLS Protocols
TLS 1.3
Forward Secrecy
Limited
(Check cipher configuration)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
help.quike.com.br
api-ios.abra.ai
sdk-android.abra.ai
sdk-ios.abra.ai
onelaw.adminute.co
rmi-dev.andersonopt.com
test.boldthumb.co.za
test.bpc.pl
www.ccgr-wy.com
www.centricpos.com
ceria88.com
www.cerotechnologies.com
chozhafoods.com
chrisparsell.com
clepsydra-bien-etre.be
admin-dev.sang.com.vn
www.doordrink.app
app.dubaiaction.com
caf.entrancezone.com
quiz.entrancezone.com
rank-prediction.entrancezone.com
dev.erdostracks.com
ericdahlberg.com
seller.esecuritycart.com
api.excitation.app
app.exportsdk.com
www.fedealmendra.com
portal.fictiontribe.com
search.financializer.com
www.firibz.com
buy.fitnowx30.com
dashboard.flexday.com
coupons.flightshotelreview.com
www.fliteworks.com
merchant.foodkub.com
stage.foodkub.com
app.foodstyles.com
www.freebiesdating.com
www.frontfiles.com
funnelsec.com
geeksonfeet.com
giovanarochabeauty.com.br
dev.notify.gluco.zone
hardi.club
www.ishouvik.com
sandbox-admin.jaysmetal.com
www.karouisit.be
appointment-completed-adn.lifestylemarketing.com
appointment-completed-lg.lifestylemarketing.com
appointment-outcome.lifestylemarketing.com
enter-a-digital-lead.lifestylemarketing.com
enter-a-lead-adn.lifestylemarketing.com
enter-a-lead.lifestylemarketing.com
lumberjack-programmer.com
www.marinegpt.ai
mattboyett.com
gat.merthincloud.net
nmmc-data-ingestor.merthincloud.net
admin.mytwido.com
www.nicotinecount.com
fbisd.nowims.com
app.ocuon.com
sign.ohmygodplayground.com
waiver.ohmygodplayground.com
mypage-demo.omsister.com
mypage.omsister.com
sauternes-dev.online-monstar.com
support.onpointrblx.com
www.taxauditor.or.th
pattersoft.com
www.piratrack.com
pixelcrux.com
plusonelaces.com
admin.pobazaram.com
app.postperk.com
dashboard-dev.postperk.com
procleanmentoring.com
www.progean.com
academy.publicismedia.co
m2.pwafront.com
rameezvirji.com
rateinflation.com
realactionsoft.com
www.realactionsoft.com
app.reflectivelearning.co.za
ryo-koike.com
sarunp.com
pro.saudeflow.app
securedetails.com
shelvable.com
app.sidtips.com
www.squbix.com
rslfanscan.sqwadhq.com
syncstrategicdigital.com
app.ticsheet.com
truthordrink.com
www.truthordrink.com
dashboard.unikhire.in
unrambler.com
watchedh.com
Other domains in certificate