Open
Cached
·
just now
80/100
SECURITY SCORE
Certificate Information
Subject
CN=www.thaivh.com
Issuer
C=US, O=Let's Encrypt, CN=R13
Valid From
November 28, 2025
Valid Until
February 26, 2026
36 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
DE:22:7B:A8:77:53:BD:41:08:69:28:E9:18:2E:75:2C:A5:74:5C:15:BC:6F:FA:D8:16:DC:6E:7E:1F:E4:4E:CE
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Configured
(Restricts certificate issuance)
Current Issuer
Authorized
(Matches CAA policy)
Authorized CAs
Wildcard CAs
Recommendations
- • Consider using critical flag (flags=128) for stricter CAA enforcement
- • You have authorized 4 CAs - consider limiting to only the CAs you actively use
- • Consider adding 'iodef' records to receive notifications about unauthorized certificate issuance attempts
Subject Alternative Names
100 domains
www.mitset.tech
www.andriusbudrys.lt
www.arvat.tech
dl.baikin.net
ikuiku.baikin.net
belizebotanic.com
data-calc.calculatorhub.app
demo-flickr.candraaji.com
canererdogan.tech
app.cardladder.com
cgriley.com
www.cgriley.com
collievalley.com
auth.waraja.com.ng
neupaneanish.com.np
santoshdeuja.com.np
www.neupaneanish.com.np
app.carewithlove.com.vn
admin.comesit.ir
testnet.cream.finance
mythos.darkcloud.app
davidringgenberg.ch
dhamma01.com
www.diapp.tech
diratak.com
auth.dividend.watch
doleminhtri.com
www.donchev.is
ehlands.com
ernestorossitto.it
www.ernestorossitto.it
ymgng-wiki.eungyolee.kr
evmtools.xyz
www.ezymoney.in
xn--lreplasser-d6a.fagbrev.io
share.ffn.de
staging.console.firepanel.io
francisvertedor.com
app.getapollo.io
giftmoja.com
ginseng.tech
accesodigital.sinaloa.gob.mx
maletindigital.sinaloa.gob.mx
tutordigital.sinaloa.gob.mx
nerijus.gromas.lt
tools.growth.pro
www.i-portalen.se
proj.detzz.in.th
jakejoris.lt
jgtl.org
jjeboerdery.co.za
brand.jointaction.solutions
link.jointaction.solutions
www.jommakaneatery.com
link.juteq.ca
rominagamarra.kiwikode.io
konfer.ca
lalapoker.nl
game.leandropiccione.com
www.meoiswa.cat
mintflavoursofindia.com
panel.mousee.tech
mrinjamul.in
www.koinet.my.id
www.mytbl.app
nihss.plus
docs.objectgo.de
ohoclub.space
experiment.okhi.io
olivershi.net
papafoods.com.au
pimzonneveld.site
piscada.online
api.playify.it
polar-bot.com
shelter.projectgiven.org
rembre.cl
dev.riark.in
xray.sabuj.in
www.shadabshamsi.com
firebase.siwane.xyz
market.socialbureau.io
stianantonsen.com
www.studytme.com
sydelab.com
www.talkaboat.online
tectum.ba
www.thaivh.com
waterstone.co.za
www.xn--57h.je
xn--aksjefring-5cb.no
xn--arcuslbet-q8a.dk
banking.xn--lun-lna.vn
www.xn--meistermssenaufsteigen-zlc.de
xn--mlnet-mra.se
www.xn--nestelp-v1a.no
xn--z4qt9d32y.jp
www.young.fm
distro-omikuji.zuikou.dev
zylinski.pl
Other domains in certificate