Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=hskexam.com
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
December 03, 2025
Valid Until
March 03, 2026
88 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
CF:36:94:2A:6A:DB:4C:29:71:39:88:0C:64:D6:7A:C7:DD:63:72:3D:33:FE:1B:72:50:F3:0E:86:63:BE:D0:19
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
careeradviceoffice.co.uk
qa2.connect.adswerve.com
admobbrowser.africasunrise.com
aiconsultancy.dk
admin.aidara.app
learn.staging.akademy.dev
mentor.staging.akademy.dev
www.akkordeon-orchester-ensdorf.de
www.aktivitetskartet.no
alderon.com.au
www.alhistolog.com
link.amadorn.es
www.aplicativo.store
blogs.ashutec.com
auth.avion.lv
www.benbeintl.com
bim360.concrete.binni.co
blurgh.nl
store.bookinggood.net
app.boxswap.io
staging.brickwise.at
scout.bullbots.org
viva-pizza.busquenos.com
dashboard-dev.clientchatlive.com
stringcode.co.in
www.kalimabeach.co.ke
www.interactivedeveloper.co.kr
cummingstorageunits.com
www.danielvieira.dev
gym.dijiti.com
eastcoastdigitalprogramme.co.uk
kafajayagading.edu.my
pukkeladmin.elveguiden.no
emoji.kitchen
facundoleites.com.br
fantasyderby.org
www.fatihdumanli.com
dev.frica.info
gfveicoli.it
www.ginauslese.de
mx.demo.hamidasghari.com
www.hapihub.org
apps.hasan.life
hskexam.com
www.tupromedio.ifcastaneda.cl
mailroom-de.input4you.be
app.kartojn.com
kingfisherkayaking.com
www.kizki.life
app.test.kjenndinkunde.no
kkgarrett.com
tools.knwar.com
facebookdevelopercircles.lapieza.io
www.dev.renter.leasera.com
preview.leximancer.com
www.liquidacionstock.com
pay.livewebtutors.com
maddragonfoundation.org
www.marcelodavid.com
marylane.com
dev.mastercardevents.it
www.mattduncan.org
mattgalloway.com
app.metcher.fr
muazzam.my
newriverninjas.com
checkout.nftconcerts.com
nimon.ca
relatorios.opengera.com
www.orange-u-glad.com
twitchaddon.panicked.xyz
paral.us
liveqa2.peppybiz.com
piugames.com.br
www.rapinnotech.com
ratemyuni.co.za
robert-costello.com
rutupatil.com
pay-strorybook.ryd.one
www.sanpetekidscare.com
chat.severin.life
www.sheboyganderm.org
skumaker.net
auth.soundflow.org
app.spacelogik.com
sportfolioreport.com
stagefinder.no
celebraciondedonalfredoavelar.swanmoments.lat
tauruscatering.co.uk
teacherpilot.de
teatrodellebiglie.it
telemensagem.app
tgsnetwork.org
the-bellemontnyc.com
tinemor.no
tokono.com
pp.uax.io
www.warlock.games
whatcouldgowrong.ai
world-action.org
Other domains in certificate