Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=admin.angolaservicehub.com
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
October 13, 2025
Valid Until
January 12, 2026
62 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
38:4A:95:EB:75:52:88:A4:68:8F:23:72:56:1E:5A:A2:8D:7C:4F:DC:38:FE:FA:66:44:D0:43:B0:8B:19:EF:D6
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
cho.li
agrafino.gr
back-office-stage.aires.digital
admin.angolaservicehub.com
app.angolaservicehub.com
avr-awvn.appdashboard.nl
avaliacaodefiltros.online
applink.checkinn.kr
www.cheezfactory.in
www.circlespace.in
www.climbing-factory.com
jisponge.co.kr
mlink.one-click.co.kr
click.diab.com.vn
dadovyuzasnevlajky.eu
docrobin.net
drduncanweb.info
betriebsrestaurant.dussmann.com
staging.easypec.com.br
www.eclub.space
infomail.bilgi.edu.tr
emotionalsupportbots.com
p3.enigmahouse.jp
sso.eraconnect.net
lybo.espora.net
www.eternalhopejewelry.com
ezmanage.vn
medical-auth.fantry.jp
forktune.rocks
nft-ticket-admin.getlychee.link
goalpointfs.com
www.hayate.co.jp
ibmvillamaria.org
inductcraft.com
www.inductcraft.com
intimcity.love
treemap.irepertoire.com
www.iturrima.it
www.jayce.life
www.jiye-lee.com
jm-alustal.pl
www.katoltmans.com
west.kikaru.net
komvik.de
www.kragency.fi
tapkey.krcgatletiek.be
linearcalendar.linearbits.com
candidati.linkpoliba.it
morrenhof-jansen.nutt.test.m4m.io
maltia.mx
marsbasen.dk
martinusoost.nl
mastersoft.si
mentneo.com
mlottery.in
www.monolabs.co.uk
mr-chefs.com
nails-hawaiian-bar-lashes.mybestsalons.com
myfootballoficial.com.br
nianacoach.com
www.nicolastawk.com
nimtaraandrukshan.com
auth.admin.nommelier.me
dev-doctor.novemapp.com
onlyryan.co.za
optimxsports.com
www.paavaifoundation.org
www.perlahaz.hu
perm.fyi
philhope.dev
ranipet.rainbowsdroptaxi.com
tirupathur.rainbowsdroptaxi.com
ravenrysystems.com
relative-ci.com
www.schuldenhilfe-telefon.de
sdatoken.com
www.sedusa.in
shoepapi.com
et61v5piqdtfafmjjl0s.smartimob.io
api.snapfurnish.com
starkandbold.com
takushima-farm.com
company.tecrest.co.jp
www.tennisdash.com
school.testpia.app
thetaxraven.com
auth.staging.kyoukasho-ai.tokyo-shoseki.co.jp
toprated50.com
dev.trackmygiving.com
www.treq.me
www.trungvietsongngu.com
cursosmedicinaintensiva.ub.edu
dulab-univis-iot.ufac.dev
vatsalyaneuropsyc.com
dashboard.w3lcome.com
api.waapp.me
www.whiskeymate.net
dev.app.wildorchidwatch.org
www.yargies.com
mijnportaal.zibinvestments.nl
Other domains in certificate