Open
Cached
·
just now
80/100
SECURITY SCORE
Certificate Information
Subject
CN=app.kohwork.com
Issuer
C=US, O=Let's Encrypt, CN=R12
Valid From
January 30, 2026
Valid Until
April 30, 2026
89 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
0C:6A:9A:4E:FE:27:9F:47:19:B0:BF:D0:16:17:78:49:22:D5:55:A6:F3:86:C0:B6:3C:0B:C4:A9:00:F2:EB:AF
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Configured
(Restricts certificate issuance)
Current Issuer
Authorized
(Matches CAA policy)
Authorized CAs
Wildcard CAs
Recommendations
- • Consider using critical flag (flags=128) for stricter CAA enforcement
- • You have authorized 4 CAs - consider limiting to only the CAs you actively use
- • Consider adding 'iodef' records to receive notifications about unauthorized certificate issuance attempts
Subject Alternative Names
100 domains
beemind.ai
2dcstudio.com
share.authenticator.2stable.com
www.3anchor.org
games.abue.org
resources.abue.org
www.abue.org
admorphit.com
www.agendafacilcliente.com
alterwabbit.com
amarabeautysalon.com
anvarat.com
www.anvarat.com
ayanengenharia.com
quantix.bromine.dev
bttger.de
casatuacocina.com
cebronx.org
auth.chahakfoundation.org
assets.codefordemocracy.org
colegioplanetabrilhante.pt
engage.colorofchange.org
sushilgyawali.com.np
cpo333.org
dev.varever.cradlecode.com
mvp.craftyourtaste.com
calculator.dave-becker.com
dipendentistatali.it
toolstore24h.dongnaifeedmill.com
o.e-zfish.org
observatory.e-zfish.org
app.edhstat.com
edinaleckovic.com
gastronomia.eag.edu.ar
strona.seed.edu.pl
app.embaixadasavoy.org
nahuales.enimod.com
www.finns.me
costos.fritsky.es
horarios.fritsky.es
firebase-test.funktronics.ca
www.ganacontupc.com
gerher.com
app.eindhoven-airport.glamorousgoat.com
gplps.org
hadinsolution.com
harshtonschools.com
www.healthmaddy.com
hoodsfood.com
edp.hrbot.com.br
hnt-atestados.hrbot.com.br
www.ibossco.com
developer.imobzi.app
uat.tagtory.in.th
www.infraconsheltersafrica.com
app.invoice-maker.org
www.jonfadum.com
khos-tsamkhag.mn
app.kohwork.com
kollektivzuerch.com
admin.kuwaitfi.org
lasercow.org
www.lasercow.org
www.mapgallery.online
mawoservices.com
mh56.in
miradamagicca.com
motokadr.com
v2.mp3paw.link
v3.mp3paw.link
l.nested.com
www.nexigoenergy.com
nixorobex.com
ojstudio.com.br
presidentes.uejn.org.ar
www.partnersinparenting.com.au
pickajob.pl
ava.pyladies.se
ravibs.com
sketchtostitch.in
stickykreations.com
admin.swapmenus.com
tegg.app
webbeta.tejimandi.com
coronavirus.thebaselab.com
www.theest.com
staging.thefixincbeauty.com
www.thefuckingfatcat.com
genshin.thekima.com
timtrack.net
trackgit.com
www.trungtrinh.ca
tsoftprod.com
www.tsoftprod.com
ubk-qs.com
www.ubk-qs.com
testh.virtualseat.live
xn--82c0aan2a3bq0aubd6c5bc3q9a7b5aj.com
xn--foa.cc
yallagarage.com
Other domains in certificate