Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=bensjones.me
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
October 05, 2025
Valid Until
January 03, 2026
54 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
46:4D:C7:C0:3E:29:65:02:84:54:7B:0F:67:A3:22:23:B4:F0:E1:0B:75:EC:83:EB:DC:5B:05:D2:57:45:75:A4
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
houseofpeaceministries.org
www.1ludo.in
app.aibi.ac.jp
portal.accountbooks.in
www.andreidmitriev.com
app.any-x.com
arekcichocki.dev
asianchildneuroclinic.com
avododo.com
docs.axino.nl
white.badshark.io
www.bellinmuseum.art
bensjones.me
bikefix.co.uk
bio-fluids.org
www.boop-noodle.com
castalianspring.de
www.catfishy.io
app.checc.io
chilidip.ca
app.cipres-prestamos.com
colonoslashigueras.com
old-portal.sengliy.com.my
www.cysero.net
link.ebay-kleinanzeigen.de
app.ecc.to
ekuitycapital.net
nycard.famm.us
www.fordshawconsulting.com
forodeescorts.com
developers.geniee.co.jp
gess-il.com
grandlay.in
gruber.md
stock.gwrevolution.com
www.hallpasshero.com
test.happyparentingmalta.com
gaia.app.hark.eco
hcppod.com
char-sheet.hlnr.de
www.howthecookiecrumbls.com
dm-q.interviewui.com
www.jaswanth.co.uk
test.web.keystoreman.com
www.kingdomk9training.com
www.kuttekimaut.com
www.lean-nishikata.com
lolesportscalendar.com
majdihouidi.com
www.markangelohernandez.com
www.midas-financials.com
monumentenstudios.com
staging.ttrebates.mssdev.works
nabad.net
www.nookdb.io
northernstarseed.com
eventful.nwbbc.com
onsail.io
hgs.opiartdesign.art
u-space-demo.orbitalize.com
endeavour.orchestra4edu.com
lane.oresundsbron.com
english-improve.outboundly.io
penaltybox3.com
performancetracka.com
www.pholacorp.com
pizzasfornalle.com.br
app.planetprotectoracademy.com
www.platfrm.us
www.platypus.land
pontotime.com.br
app.preciografico.com
www.rawlk.com
www.renneshd.fr
roomspanorama.com
rudigualter.com
www.rumairaerodesign.com
salomontienda.co
erp.staging.uzazi-salama.savannahghi.org
www.saylynconsulting.com
shotlytics.io
siennarosemusic.com
dashboard.signerz.com
sistemainterno.com.br
www.skillrazr.com
skyview.group
www.snowshop4.com
www.sppetroleum.com
app.teacherfinder.com.au
backend.tendercuts.in
www.tesla-tec.in
thesowetobarbershop.co.za
tonyvitro.com
twimble.com
www.vecinos360.com
www.vusono.org
premium.wagon-nurse.com
whatshouldidesign.space
xapps.com.br
link.yburlan.ru
Other domains in certificate