Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=1ak-tokyo.com
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
November 25, 2025
Valid Until
February 23, 2026
74 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
BC:60:8C:8F:A4:2E:61:00:9E:24:25:B0:0F:E1:69:7C:BF:94:41:9F:97:ED:64:5F:E7:74:96:3D:F7:93:3F:5B
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
client-app-prod.talent-alpha.com
11520840.peerly.app
1ak-tokyo.com
acaidofera.com.br
www.africaeducationaltrust.org
app.912.digital
workspace.ar-chaos.com
stg.as-up-apps.jp
awesum.design
creato.beckerx.dev
boxlineucl.cz
www.brisasdelprado.com
corporativo-dev.butaco.com.ar
www.calcaresrl.it
app.cfep.com.au
admin.chessiverse.com
cafein.clau.io
www.codeforfun.com
www.codescaffold.com
theboxcraft.com.pk
www.csjm.tech
cuvos.com.au
www.dailydoseofdeal.com
www.denisnguyen.com
admin.feature.digiqc.com
web.feature.digiqc.com
www.dossiemoraes.com
portal.dspdesign.pro
www.emojidoku.app
totalhealth.play.emr.studio
www.leojustino.eng.br
mobility-map.dev.entur.org
pizza.fabiomelillo.it
health.fairerwarmth.com
app.firepermits.co.za
fixesr.com
www.freeislamictemplates.com
fuseapp.nl
masks.goodhood.sg
dx.stg.hatarepo.com
heluhe.lu
www.hoardle.app
www.humanasalud.app
gjafabref.husafell.is
incredipixel.com
iolcus.invessed.app
rdp.cas.itopia.com
www.kawabatamotors.com
www.keepfacil.com.br
dpt2-dev.da.letsdive.io
www.lorawomen.com
lunka.tech
www.maville.io
noaawin.med.sa
app.meetrecall.app
mexicantraindominoes.app
michaelsouliman.com
www.mikailrana.net
www.milosdukic.com
www.minhaproducaomedica.com.br
wonderland.mintz-hoke.com
eagent-uat-cms.mped.pl
open.msgdrops.com
murbadsportsacademy.com
mythreadtracker.com
baglung.nepaldrivinglicense.site
bardibas.nepaldrivinglicense.site
birgunj.nepaldrivinglicense.site
bs.npiapps.com
nudgeid.me
paymentlink.app
telefonicaspain.staging.platformkids.com
app.pretire.io
user-page.ptot-lab.com
pureplate.study
www.rahulservices.co.uk
app.rimschat.com
api-reward.testdev.riraku-sys.jp
santachoapps.com
www.sharedlens.ca
www.shenzhenconsult.com
simbiss.li
www.sonoradefensa.com.mx
www.stayhighadventures.in
blog.takein.com
www.teamhyper.io
www.thetreester.com
admindev.ticksy.app
pablo.tobalinapulido.com
link.trydave.com
developers.unlimited-robotics.com
www.villa-robert.com
kiaeasthartford.vinsyt.com
transfer.w01.dev
admin.w3creations.gr
prev.webuters.com
unicef.wiselysoftware.com
install.wufffriendly.com
auth.yapling.ai
yoojongwoo.com
Other domains in certificate