Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=gentosha.gingerweb.jp
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
December 29, 2025
Valid Until
March 29, 2026
76 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
A3:F6:18:84:9C:87:7A:7A:B8:3B:80:DC:84:7E:30:D5:63:6E:3B:F1:C6:30:58:50:95:2C:4A:29:A4:B3:DF:4F
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
kreebo.com
www.kreebo.com
1670ce.com
app.abe3.net
abrahamhorus.com
agentswarm.online
www.armaan-verse.com
recycled.art.br
atlanta1stac.com
platform.betek.vn
formacion.centroiepostgrado.com
kmf.ceretella.com
with.global.chatie.me
www.citycraft.io
classicplanners.in
peopleofthecloud.cloudframework.app
lnenergygroup.com.ua
cowhite.com
dcf.tw
www.dcf.tw
www.deyimle.com
www.dilao.in
api.diplomaticpost.io
www.dobsonjustice.com
visit.einfachgast.de
pm-builder.ernandes.dev
www.esandev.in
ethangough.tech
eugene-miller.co
mushin.existence-klcorp.com
familledemahieu.be
fortisindialaw.com
freegamepro.com
www.freegamepro.com
gentosha.gingerweb.jp
www.giovanidebiagi.com.br
portal.guestservice.net
hostalmonacomachupicchu.com
www.inddex.fr
ronmichaelaquino.is-a.dev
www.itsohitsfdc.dev
ivyassist.co.uk
www.jasonmurphy.co.za
jaxxlibertywallet.inc
jirehsjewels.com
ghostgym.juanmg.com
kcstudios.co.za
kikolaus.com
www.kup-dev.com
www.kurdisai.com
www.kvmdevs.com
littlely.nl
lunaleones.com
maksim.brussels
www.markusmassage.hu
id.memora.store
mohangenterprises.com
www.mohangenterprises.com
statelystatic.my.id
www.myco.ink
n818pe.com
neuralventurelabs.com
nickmontalvo.com
nickydollars.com
niftyone.co.uk
skyhighexpress.nostalgianinja.com
daedalus.obrienplace.com
pallet.fun
www.patolar.com
portaledrzwiowe.pl
isvecklinik.qfix.ai
nl.zone.quickcommerce.org
raummuehle.com
reicalc.com
remakeinfotech.com
roammtb.com
wildcard-subdomain.rocola.es
shop.rsgear.business
rubiesdf.org
scholarlysubmissionsandauthors.online
shikshasalahkar.com
skey.network
spectacledbear.coffee
receipt.console.stickies.tech
verification.console.stickies.tech
amts.suleymankara.com
superoutletec.store
rumpun.surveillant.tech
terramae.nl
www.thedors.com
uat.nhs-scotland.thetraumaapp.com
tinttec.ch
auth.upsellsdk.com
upsellsdk.com
adminlabel.vais.vn
links.vault.ng
vexzo.in
www.vvfa.org
www.whyq.com
www.workflowvalley.com
Other domains in certificate