SSL Certificate Analysis for vietcuongit.id.vn - Security Grade & TLS Configuration

Open Cached · just now

77/100 SECURITY SCORE

Certificate Information

Subject

CN=thomas-crook.com

Issuer

C=US, O=Google Trust Services, CN=WR3

Valid From

November 07, 2025

Valid Until

February 05, 2026 71 days

Public Key

RSA 2048 bit Adequate

Signature Algorithm

SHA256-RSA

SHA-256 Fingerprint

16:40:22:A7:53:13:D5:E7:41:7D:25:16:DF:47:62:E4:F5:E9:82:05:22:55:BD:4C:2A:5E:77:CF:4C:25:EF:B4

Alternative Names

100 domains

Security Configuration

TLS Protocols

TLS 1.2 TLS 1.3

Forward Secrecy

Supported (Modern clients use PFS)

HTTP Security Headers

Status

Strict-Transport-Security

Present

max-age=31556926

Content-Security-Policy

Missing

Not configured

X-Frame-Options

Missing

Not configured

X-Content-Type-Options

Missing

Not configured

Referrer-Policy

Missing

Not configured

Permissions-Policy

Missing

Not configured

Recommendations

• Increase HSTS max-age to at least 1 year and add includeSubDomains
• Add Content-Security-Policy header to prevent XSS attacks
• Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
• Add X-Content-Type-Options: nosniff
• Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
• Consider adding Permissions-Policy to control browser features

CAA Records (Certificate Authority Authorization)

CAA Records

Not Configured (Any CA can issue certificates)

CAA Issues

• No CAA records configured - any CA can issue certificates

Recommendations

• Implement CAA records to restrict which CAs can issue certificates for your domain
• This adds an extra layer of security against unauthorized certificate issuance
• Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
• Consider adding 'iodef' record to receive security incident reports

Subject Alternative Names

100 domains

nvqmnvqm.id.vn vietcuongit.id.vn hustcv.hust44.id.vn

Other domains in certificate

v12.material.angular.dev

www.aomile.in

hire-qa-v2.auzmor.com

b2cnews.in

app.dev.boostchinese.com

p.bulletproduce.com.au

caarya.in

www.caribbeanplaster.com

www.cheapshora.shop

demoschool.classet.in

relianceservices.com.ng

dipinkumarmahara.com.np

appcraft.com.tr vodvilsahne.com.tr

nganam.ebot.xbot.com.vn

dargo.id

www.divifertility.com

www.empotechlabs.com

evolumia.cz

fliesen-bockrath.de

web.gastacomigo.net

globaldigits.store

gohype.in

greymatterescaperoom.in

heidrundigital.com

hotelvillam.de

iconcards.in

www.innodermhealthcare.com

www.innoliq.com

app.insiderpie.de

itsnotaphasemom.cz

www.jaysquared.com

www.jessicaguo.me

kairosnature.com

www.kevinandersson.dk

kineserenjyderup.dk

linonest.com

luckypunch.app

aperol.luukbartels.nl

marvil.cz

www.mhroy.fi

www.milesbd.ca

dev.moonplay.co

mrehman.co.uk

click.one.mumara.com

musclemystery.com

www.networks.chat

app.ngtpay.com

pr.nkai-tech.com

www.noachristensen.com

noelleeminggroup.co.nz

virtual-showroom.nomtek.com

nyungerland.net

qa.onerevolution.com

citysuper-amazingfoodhall-ts.order.place

pariworld.org

www.persisch.de

signin.philanthrosphere.com

www.pilfil.com

pradostudios.games

auth.premierlacrosseleague.com

www.previsy.com

test02-link.propertyloop.co.uk

queuesalesteam.com

rajioni.net

operations-rm-common-tmo.reachplatform.com

rentalaware.com

literaturereview.researchout.com

shop.richierichicecreams.com

roomalaya.com

rustleren.nl

filter.santevia.com

saruketharestaurant.com

www.serviceamplified.com

www.servicemyvw.com

presse.simpleclub.com

simplifiengineering.co.za

www.solarevworld.com

sqcommercial.co.uk

uchealthavstrivia.sqwadhq.com

studicon.tech

www.studiorenatabergamim.com.br

swallow-spiegel.eu

tapauu.com

next-beta.telecrm.in

the-future-gentleman.com

deletenote.thesha.blog

thomas-crook.com

topmokyklos.lt

trela.games

tumbo.fun

app.vjago.com

voixware.com

historico.wdsolucoes.com.br

qrcode.xemprod.com

backoffice.yurtle.co.uk

frog.zenselect.jp

Free Cloud Credits

Get free credits to test cloud platforms