Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=www.bensjones.me
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
November 22, 2025
Valid Until
February 20, 2026
89 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
9F:FC:D8:36:6E:08:09:8B:3C:64:94:AC:B5:9E:9D:07:3B:E7:4C:37:95:5C:75:9F:6D:C7:77:23:CD:37:0D:9F
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
www.bottomlesstech.com
code-publish.dev.2u.fan
www.agilesoftware.es
airbuy-japan.com
alexispoveda.com
www.alliancehcstaffing.com
www.arcondrilling.com
www.asq.ro
mobile.axptscout.de
bartersintl.com
hpmg.baseph.com
www.bensjones.me
bhumikaboricha.com
bundle.blurb.fail
botsak.com
bumbar.co
app.caddiegames.com
staging.carbonopus.com
catchawavessettlement.com
app.cineras.com
cloudmacaca.com
kiosk-client-test2.cleanbox.co.il
app.contentstatus.com
admin.prod.contingenton.com
app.contracts.plus
www.crecker.dev
csmbksctvenice.site
dddyor.com
dermoth.com
e4iu.pt
eott.ca
console-dev.epesipay.com
sprint-wrh-admin.exitest.com
webapp.fantaastalive.it
fictionista.club
www.flightyfelongames.com
verizon-staging-ideacloud.forgedx.com
fp-lab.com
www.futureando.com.mx
promo.gbm.com
admin.ginferno.app
www.golfhandicapp.com
gloomhaven.gregleaver.com
hackvcis.com
www.helvetica.world
www.hexreviews.co.uk
innovativa.co.uk
cnmi.nurse.ishealth.app
www.izaytsev.com
dl.jdmart.com
jiffyfuels.com
www.joshix.com
mta-sts.kamp-consultancy.it
test.kovomik.cz
vote.kunle.io
manualpro.co
coach.mento.jp
docs.metafor.space
app-euskera.metodoeseyde.com
niduu.com.br
noahzeilmann.dev
notetoselfapp.com
customer.onlinepartner.se
app.pacelist.co.uk
app.pank.org
tjx.parkalot.io
peppersworldcafe.com
pharmxplain.com
www.psdhub.org
ramenhousepoblenou.es
rd.rapiddweller.com
riotravelsindia.com
app.roas.org
roellmedia-streams.de
roqnetworks.com
megadrive.ru.com
my.test.runmyservice.com
team.scouthub.app
singulartrader.com
www.somnolentteam.com
strumly.co
studioestlumiere.com
surveyflow.app
tbutler.dev
devadmin.teetra.com
tharkuritech.com
www.tomprice.dev
v-p.dev
app.vaitos.ai
visarepublic.in
cocobunny.voxelcubes-games.com
wakoyume.jp
www.wavehex.ca
weorigami.com
yukselanahtar.com
yupistudios.com
m.zchoolmate.com
www.zipurl.io
integrate.zolnoi.com
paylink.zonbayar.com
Other domains in certificate