Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=www.long969.com.tw
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
December 12, 2025
Valid Until
March 12, 2026
43 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
17:64:E4:02:EA:CA:F0:2F:ED:94:7F:41:A9:B4:87:5C:C0:84:EF:10:67:BB:BD:5E:18:85:FE:FF:2A:16:DC:FF
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
kokud.dev
artificiallly.com
online.asbestlogboek.nl
atxkungfu.com
apps.b4bh.com
app.beulive.com
bict.ca
tecnici.bitiemmegroup.it
partners.bonpay.co
dropdesk.bradbieselin.com
cadeaux-entre-nous.fr
chilucan.contador.cleversec.com.mx
codeengineer.dev
www.duals.com.gt
www.long969.com.tw
cutestdaily.com
www.cyriel.com
damhypnose.com
darkhorsesgroup.us
www.delplaya.tech
www.designs2.com.mx
uikit.diskito.eu
www.dixper.io
ecosys.mv
www.escapateypunto.com
f7e.dev
dev-oracle8l0x.fortunetra.com
www.foujdar.dev
galsenblockchain.xyz
www.galsenblockchain.xyz
generative.co.jp
gfc.io
goseecity.com
dev.crm.v2.greentiger.in
santatereza.guiasaudemais.com
link.helbiz.com
quintamarciaservice.hinvoice.it
nhh3281.id.vn
www.inparallel.app
intejer.cl
alumni.jdtioaa.com
kevinrono.com
protect.keyholding.com
kind-path.co.uk
media.lange.click
blog.liiao.cc
magneticforce.com
www.mambaanalysis.net
manoirasdetrefle.fr
matisseverduyn.com
mdcportal.ca
links.measureprotocol.com
mikeyriver.com
mithras.dev
mostawkwardgift.com
mysewingangel.com
namah.dev
nextnails.care
nigras.com.br
nippun.com
www.nofilterstream.com
webadmin.ongoes.in
www.onlinegamesinfo.com
perfectlybuilt.uk
culotte.petit-bateau.co.jp
prycetechnologies.sg
psycoforensis.com
aasa.radanalyzer.com
rakesh.dev
roboticimaging.ai
elie.rotenberg.io
www.royaltondeveloper.com
rrveiculosmt.com.br
app.salesbuckets.com
www.sdgolftrip.com
siradvisors.com
softwaresolutions-llc.com
spr.cx
app.studioauckland.com
summerhammer.dev
www.swingtoplaces.com
tannercottle.com
www.thepalmastore.com
thepremonitions.org
tropicalz.in
apps-preview3.una-community.com
vet-hands.com
appios.vpnsafenet.com
paint.vteam.com
wavy.vteam.com
page.wanpass.me
admin-test.wejha.com
willdeuschle.com
xtravelapp.com
yallasolutions.com
www.yatantaxi888.com
tianshijihua.yuanzhongheng.site
zacmel.dev
zebrablau.com
zobbogames.com
Other domains in certificate