Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=admin-labeling.datafirst.co.th
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
October 10, 2025
Valid Until
January 08, 2026
54 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
7A:C2:96:38:A9:B3:B4:71:07:2D:D3:72:BA:13:1A:FA:F8:2F:7A:D9:34:6F:36:EA:4E:E2:7E:6B:E4:0C:17:77
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
labolce.com
www.aaronburpitt.com
dcjp.aawssm.com
csos-client.amiti.cloud
www.anymoney.co
app.aokitech.com.ar
ticket.arcadeqr.com
baiuca.co
bijlesbob.nl
logistica.borigenbetzel.com.ar
bouafia.ca
calendar-dev.branchapp.com
au.buzzable.me
caloreez.app
camwoodcandles.co.uk
canadiancountycasa.org
circuitodeideias.com
replay-docent.citolab.nl
prestadores.clasealpha.com
pancarib.clau.io
www.cloudpark.app
admin-labeling.datafirst.co.th
www.connectedapp.com
auth.crowdbullish.com
consensus.curtishughes.net
app.dhaplus.com
www.driveclear.app
electsum.org
www.emilyslittletreasures.co.uk
app.essentiallysports.com
www.eurika.app
admin.evolution-xr.com
fedrigo.com
ferahkurban.org
fiddlerswork.com
agreena-staging.fieldmargin.com
www.firstdrivingandtrafficschool.com
app.floatr.in
stage-dev.fluss.io
a0b8.foodle.su
www.gaashapp.com
gachigames.com
asesoria.gestomex.com
qa.gethovr.com
getslides.app
ginastgermain.com
www.gznmusic.com
halscoon.com
harrahdental.com
heycor.co.uk
hongleong.dev
console.jan8.net
jhtools.org
develop.jlocatio.net
kemluk.com
kipaschool.com
www.kpelz.eu
www.leadshousemedia.com
littleacewedding.com
livbraiker.com
masvalue.it
netmenu.mdc.com.br
matchmaker.merci-michel.com
mgustav.ca
groups.mkting.in
app.mobilyaka.com
supplies.monet.world
murakamilab-nit-kagawa.org
nebsyl.ai
www.nexotron.com
www.novelcraft.app
nuestraradioestereo.com
legal.oportuguate.gt
devcrm.parallelcap.in
www.planeteru.com
pokeaddx.com
www.ppfl2025.com
qad.nl
www.qflit.com
dev.rcloudsoft.app
gs.remedo.io
www.roshanhaleem.com
dfnutrition.runtalos.com
www.scuolascipragelato.com
demo.showitbig.com
scp2.sms2mkt.com
app.stairsphysiotherapy.in
mafia.stattogether.com
instant-booking.talentics.app
www.theintellects.co.uk
firebase.timewarp.app
www.tj401.com
www.travelfreakvacations.com
firenotes.umthing.com
urbandens.co.uk
3s.urbin.app
vencerpaints.com
adminservice.walletpayment.net
wearflow.ai
wondergrow.org
Other domains in certificate