Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=app.cozy-house.jp
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
October 18, 2025
Valid Until
January 16, 2026
61 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
4F:14:70:A9:79:1D:BE:F2:65:69:EB:6F:87:6E:E8:4B:DD:6C:8C:EA:55:D3:E9:7C:4B:37:38:F2:9D:D5:E8:08
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
intrasettle.com
28f.es
www.32pxl.com
www.adaconsultants.dev
stage-admin.alfred.mt
algino.app
ambitious.media
ampacumed.net
www.aptitude-labs.com
www.artist-connect.com
aurusconstruction.com
autosprinkrvt.com
www.axamotoroil.com
client-portal.booqed.co.za
breadbowl.ai
www.brijwasiinstitute.com
carmofilms.com.br
yamdoot.chitragupta.co
collaredme.com
stag-sale-admin.daikin.com.vn
app.cozy-house.jp
crystal-ai.us
todo.ctadel.io
www.dakshkhorana.com
dermalinf.cl
digitalprescriptionmaker.com
friends.docomondo.com
q3-track.dpdlocal.co.uk
www.dropdeadcreative.com
app.anki.edu.vn
www.elev8fitstudio.com
www.experienceinbytes.com
finopians.in
urbania.fotorama.com.mx
auth.fotowings.com
www.geradorinvoice.com.br
app.dev.getroeme.com
issglearnerfastyet.gkn.io
gm-garden.com
greekbuzz.info
stage.app.guestdash.com
www.hnn.bz
hyrly.com
tribenrg.impactwrap.com
impulseeloan.com
www.inb3.com.br
apply.inet.africa
mpm.inquaero.com
admin.investlinked.com
itanalytic.ru
itsecurityadvocate.com
disney.karimz.com
koolkid.vn
ksmutny.com
www.lovestudio.com.br
manateeflow.com
matchkernel.com
www.workout-tracker.mattpickle.net
ftfirebase-c3.moboreader.net
www.moegamatdeenludski.co.za
motogymkhana.rocks
mypeaceapp.app
learnr.namishkumar.in
pic-allwyn-test.mentor.neccton.com
neildas.com
link-cianorte.nibo.com.br
nigrasseguros.com.br
nostrpass.com
link.novvia.com
schedule.onechat.jp
www.opks.rs
admin.creative.optimasysdev.com
matrimonio.pantinelli.it
www.prestonpages.org
app1.privacy.ovh
www.proxytraders.com
app.psiconutricional.com
doctor.purpleemr.com
reception.purpleemr.com
cfcredito.quitaboletos.com.br
www.quizbandiere.it
ryinternational.in
stats.dev.sama.live
sateeshreddymaddi.me
www.signs-vegas.com
smedes.me
soracomi.com
www.startup-preschool.com
www.sunsideguesthouse.com
tarunmahajan.com
www.tayler.design
get.tip.top
trumpalyse.com
quizz.unboared.com
www.vatsalyaneuropsyc.com
app.vibrationworks.io
iaaps1.vidocto.com
volleyproapp.com
app.wystawnie.pl
www.zufallsgenerator.app
Other domains in certificate