Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=hdv.hk
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
October 10, 2025
Valid Until
January 08, 2026
46 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
FC:16:A2:36:A3:79:3E:1C:30:73:AB:AD:2E:80:DB:E8:09:30:B6:A3:93:3E:EB:F8:D3:3B:0B:35:85:A8:80:9E
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
eccentricdonkey.fotorama.com.mx
kellner.4bits.mx
bo.9xlx.com
pj-fi-dev.adssets.com
notification.aesthetisuite.com
labelers.aimmo.ai
www.alolabsplus.com
shipfromstore.fpui.ameroservices.dk
anekdotes.in
www.antiinflammatory.app
app.automat.ai
images.barroisantiques.com
test.batjet.it
www.betuwings.app
navigator.bowhead.ai
cehl.site
chefs.tv
www.chronoint.com
www.codedmile.com
dev.cyferlinx.com
www.digitalgoods.dev
docus.app
www.dynamicpace.se
eannem.com
easthai.co
eftychiaevents.com
www.ethouses.io
www.ewjo.co
arcade.farazeid.com
app.feeling-match.jp
app.fsnext.org
www.galeteriavenetocaxias.com
codelabs.gdgbaku.az
www.gptech-ai.com
whatdidyousay.greifmatthias.be
gsp.chat
www.guillenyasociados.com
hdv.hk
www.herospace.app
meru.ianletourneau.com
katoomi.iksnaro.com
www.imperium.rentals
blackwoodpizza.infinitifood.com.br
www.inin.vn
staff.inspireacademy.dance
itribe.in
dashboard.itsonmenu.com
www.jfhtech.com.br
www.jobbing.cl
www.joinstar.app
justride.com.br
karvesoftware.nl
www.kikobooks.com
kiptrack.app
krushanov.su
labourerwork.com
www.lammertsma.com
www.orbit.learningsuite.io
sparrows-ideen.linoo.ch
tirupathur.loyaldroptaxi.com
two.mezcal.games
www.moeshadi.info
moojob.com
name-wheel.site
nammadrones.com
pic-starvegas-ch.mentor.neccton.com
www.nelsonmha.ca
ordering.onehivegroup.com
www.onisa.co.za
onpathdiagnostics.com
ibfvinhais.org.br
fse.paistie.com
www.pandaapp.me
pixel9protraining.de
spotiapp.princdev.com
www.propexso.eu
myaccount.proxycave.com
www.psykologkurs.no
www.rageon.es
retina-atlantic.sentrex.com
shaheenmuhammed.com
sisucarecollegeofnursing.com
dev.snippetable.com
sodialed.com
analytics.beta.spaceknow.com
stlpolicyproject.com
www.sucolabo.jp
www.ta1uchida.com
conta.tag2u.com.br
themashagame.com
admin.themint.jp
ttovarischh.com
ummo.trade
versetech.app
webhq.co.za
www.wod.app
wonplatform.com
order-de.yobee.au
order-uat.yobee.au
youssryessmatt.com
Other domains in certificate