DNS Gurus
Cached · just now
80/100 SECURITY SCORE

Certificate Information

Subject
CN=order.ichiranonlinestore.hk
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
December 22, 2025
Valid Until
March 22, 2026 83 days
Public Key
RSA 2048 bit Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
DF:BA:43:DA:AF:B4:85:56:CE:A0:68:4D:3C:C6:4E:87:DC:F0:9C:10:53:E2:35:27:F0:72:67:91:D9:5D:54:8E
Alternative Names
100 domains

Security Configuration

TLS Protocols
TLS 1.2 TLS 1.3
Forward Secrecy
Supported (Modern clients use PFS)

HTTP Security Headers

Status
Strict-Transport-Security
Missing
Not configured
Content-Security-Policy
Basic
script-src; object-src; base-uri; +3 more
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Present
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
Recommendations
  • Add Strict-Transport-Security header with max-age of at least 1 year
  • Improve CSP by adding more specific directives and removing 'unsafe-inline'
  • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
  • Add X-Content-Type-Options: nosniff
  • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)

CAA Records (Certificate Authority Authorization)

CAA Records
Not Configured (Any CA can issue certificates)
CAA Issues
  • No CAA records configured - any CA can issue certificates
Recommendations
  • Implement CAA records to restrict which CAs can issue certificates for your domain
  • This adds an extra layer of security against unauthorized certificate issuance
  • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
  • Consider adding 'iodef' record to receive security incident reports

Subject Alternative Names

100 domains
dj.aeat.us

Other domains in certificate

a2moneyworks.com
auth.quizly.aaw3.dev
ai.partners
anbosg.com
elion.apini.cloud
mis.api.atomx.asia
www.aurohomes.in
altas.auxilio24.com
pay.avantlife.gt
www.bacbrenewables.com
bakchigi.com
qa.beereaders.com
servettefc.deeplinks.bfansports.com
staging.blockchain.bloqify.com
mbank.bog.ge
branchsm.com
brandsync.tn
breadcrumbdata.com
www.callafarsky.com
staging.camlist.me
app.cardhero.co
www.carefulclues.com
kali.ce-solutions.ca
learning.choucroutetropicale.fr
cv.aksel.co.id
www.codekavinx.com
manage.premiumselection.com.my
controlshrimp.com
gis.cvpth.com
decimators.app
basura.descubretrinidad.com
links.deskhunters.com
app.diia.digital
pesquisa-hml.doctorclin.com.br
cpanel.elitindirim.com
es-hausmeister.de
everowl-technologies.com
global-login-poc.fastsignsdev.com
www.fexdata.com.br
a0i2.foodle.su
www.fremtidensuddannelser.dk
g.gastroli.ua
gesundheitsberatung-eschborn.de
glssettlement.com
www.gregsherrid.com
grill-house.store
lp.hakensearch.net
hectorfalconportfolio.com
order.ichiranonlinestore.hk
link.igrow.asia
tourbuilderplus.imagineear.com
blur.img.supply
inkino.app
azampay.itrood.com
jjtw.pro
jobocalypse.com
kimakh.com
qa.koffi.vn
lafrun.com
flow-lp.leach.tokyo
quotes.levo.aero
www.lionsgate.in
campaigns-staging.mailtrap.info
maybe-yes-maybe-no.com
products.mesbro.in
moderncannabisconsulting.com
apply.money-phone.com
neuroemergencies.cc
www.ongroceryqa.com
opooq.com
displayv4test.order.place
app.pdr.cloud
pessimist.ai
www.pidodjezdy.fun
trader.prealyse.com
proshooters.com.br
link.redi-ngo.eu
www.ruteachat.com
survey.sanityandself.com
web.securityguard.app
senkimsin.xyz
tictactoe.sipservice.ru
staging.spase.io
booking.spelbagerosventures.org
squadup.app
www.synclly.com
demo-dashboard.takyon.io
www.tarajiquiz.fr
tehnickipregledoliver.rs
colorsnap.thefreetoolchest.com
www.thekarigarstop.com
www.tiarosacaldos.com.br
www.timebloc.app
toms-freiburg.de
www.toothcares.in
en.portion-control.turskyi.com
evolutionwellness-th.webplayer.fit
www.wingtakwong.com
wlo-info.fr