Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=app-dev.nikugen.jp
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
September 27, 2025
Valid Until
December 26, 2025
38 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
2F:9D:0A:44:0F:73:91:6C:20:83:93:4D:29:90:1A:CC:D7:3C:81:3B:8A:B6:E4:A9:A4:6E:51:54:C0:E3:15:9F
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
gr.chat
stag1.app2.1on1navi.com
www.adwokatbenc.com
eziostat.aerogram.in
ajwillmot.co.za
alexfriedman.tech
www.americanrevolutionexpo.com
login.aodocs-staging.com
test-firebase.aodocs-staging.com
atlasgeneration.ma
betpayapp.com
birsbirtok.com
beheer.bobdebot.nl
www.boliviapetsupply.com
bookbuddy.app
bookwriterencrypted.com
hris.bprmsb.com
britta-meinke.de
order.cafespicedarlington.co.uk
www.calebsmith.site
bulletins.churchstreamer.org
test.maltia.cleversecdesarrollo.app
app.clevertrack.dk
app.cluehub.io
codykit.dev
wezen.coldwinter.cc
journal.coolcold.co.uk
transcribe.creativechange.us
rubiks-cube.curtishughes.net
digitechsite.com
educlaret.com
stu247-link.ehubstar.com
www.elternberufswahl.ch
espetinhosbilk.com.br
expeditelaw.co.uk
admin.fadenwerk-murten.ch
card.finaleoutdoor.com
whitestone-admin.firepermit.online
fishlix.com
fxashbell.com
getsober.app
afiliado.guiapass.com
www.handpokemon.com
testcard13579.healcard.com
dev.cargo.helex.io
smoothies.hickory.house
app.hirelogic.co.uk
www.imagemeasurement.online
internal.indemak.com
www.j-li.org
photo.jemedia.org
jkpalace.com
lareposteriadetuttymx.com
teacher.lessontime.co.uk
nanaychat.com
app-dev.nikugen.jp
www.nimitjohri.com
nittakazoku.com
www.nuevaurbana.com
outofcontext.chat
www.oxford-fitness.com
chronos.paradowski.site
driver.parcelquest.co.za
penguinartists.com
www.phyxsi.us
www.pigeonquest.com
warfare.pikaoku.com
cards.polipay.io
admin.pontuax.com.br
practicalweb.co.uk
link.prayermatch.org
proteum.digital
fgvtn.hom.quantumrfid.com
www.staging.quirkylabs.ai
app.quizzme.nl
www.rtredes.com.br
www.shopmyinfluence.fr
sidebysidevideo.app
www.silva-bouw.nl
www.smartautismbarta.org
smile-award.net
www.stevning.no
www.store4up.com
www.sucu.no
www.superfluid.io
www.thercc.us
tidbyt.app
social.tigweb.org
www.timetalk.one
www.tofof.org
unamesa.org
mathtest.utr8-group.com
vitacast.vector3studios.org
www.viniepecorini.it
weepay.com.br
login.westsprucecreekdatabase.org
wietsevenema.eu
www.workwireless.net
www.zeniatechnologies.in
fnqcw3.zgus.com
Other domains in certificate