SSL Certificate Analysis for users.thejy.com - Security Grade & TLS Configuration

Open Cached · just now

76/100 SECURITY SCORE

Detected Technologies

See all in URL Inspect 1

Let's Encrypt

Certificate Information

Subject

CN=konahorseplay.com

Issuer

C=US, O=Let's Encrypt, CN=R12

Valid From

April 04, 2026

Valid Until

July 03, 2026 44 days

Public Key

RSA 4096 bit Strong

Signature Algorithm

SHA256-RSA

SHA-256 Fingerprint

46:04:B8:3D:51:4F:AC:04:5C:54:6E:72:F3:7B:F8:58:35:AA:E0:35:28:0E:7B:0A:6A:EB:3C:66:2E:4B:D9:76

Alternative Names

90 domains

Security Configuration

TLS Protocols

TLS 1.2 TLS 1.3

Forward Secrecy

Supported (Modern clients use PFS)

HTTP Security Headers

Status

Strict-Transport-Security

Missing

Not configured

Content-Security-Policy

Missing

Not configured Analyze

Content-Security-Policy-Report-Only

Missing

Not configured Analyze

X-Frame-Options

Missing

Not configured

X-Content-Type-Options

Missing

Not configured

Referrer-Policy

Missing

Not configured

Permissions-Policy

Missing

Not configured

Recommendations

• Add Strict-Transport-Security header with max-age of at least 1 year
• Add Content-Security-Policy header to prevent XSS attacks
• Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
• Add X-Content-Type-Options: nosniff
• Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
• Consider adding Permissions-Policy to control browser features

CAA Records (Certificate Authority Authorization)

CAA Records

Not Configured (Any CA can issue certificates)

CAA Issues

• No CAA records configured - any CA can issue certificates

Recommendations

• Implement CAA records to restrict which CAs can issue certificates for your domain
• This adds an extra layer of security against unauthorized certificate issuance
• Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
• Consider adding 'iodef' record to receive security incident reports

Subject Alternative Names

90 domains

thejy.com *.thejy.com *.cdn.thejy.com *.controlpanel.thejy.com *.ww16.thejy.com *.ww25.thejy.com *.ww31.thejy.com

Other domains in certificate

335ii.com *.335ii.com

brownbelt.com.au *.brownbelt.com.au *.ww25.brownbelt.com.au

ceskyterrier.com *.ceskyterrier.com

chainreactionkids.org *.chainreactionkids.org *.dev.chainreactionkids.org *.www.chainreactionkids.org

columbusohioeuchre.com *.columbusohioeuchre.com *.ftp.columbusohioeuchre.com *.localhost.columbusohioeuchre.com

*.api.gdnmobilelab.com *.app.gdnmobilelab.com gdnmobilelab.com *.gdnmobilelab.com *.images.gdnmobilelab.com *.origin.gdnmobilelab.com *.pushkin.gdnmobilelab.com *.pushy.gdnmobilelab.com *.stg.gdnmobilelab.com *.video-notification-admin.gdnmobilelab.com *.ww16.gdnmobilelab.com *.www.gdnmobilelab.com

*.allesmateuslww42.healthscopesbenefits.com *.demos.healthscopesbenefits.com healthscopesbenefits.com *.healthscopesbenefits.com *.origin.healthscopesbenefits.com *.users.healthscopesbenefits.com

hookup.it *.hookup.it *.hostmaster.hookup.it

jig.com.au *.jig.com.au *.www.jig.com.au

konahorseplay.com *.konahorseplay.com

lgpi.org *.lgpi.org *.random.lgpi.org *.ww16.lgpi.org *.ww25.lgpi.org

lillyhot.com *.lillyhot.com *.ww25.lillyhot.com *.ww38.lillyhot.com

*.it.orderproperdirect.com orderproperdirect.com *.orderproperdirect.com *.ww16.orderproperdirect.com

portuguese-water-dog.com *.portuguese-water-dog.com

*.comune.prowess.com.au *.pro-stats.prowess.com.au prowess.com.au *.prowess.com.au *.random.prowess.com.au *.ww16.prowess.com.au *.ww38.prowess.com.au

qwb.au *.qwb.au *.ww25.qwb.au

used-excavators-for-sale-near-me-04.sbs *.used-excavators-for-sale-near-me-04.sbs

*.ns2.viamaritima.com.br *.ns3.viamaritima.com.br viamaritima.com.br *.viamaritima.com.br

wholeem.com *.wholeem.com *.ww25.wholeem.com

*.dream.worldgames.com *.hostmaster.worldgames.com *.live.worldgames.com *.m.worldgames.com worldgames.com *.worldgames.com *.ww38.worldgames.com *.www.worldgames.com