Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=otav.jp
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
October 27, 2025
Valid Until
January 26, 2026
73 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
A4:FF:AA:9B:E3:F5:CE:DE:A0:4B:B5:5D:32:16:F7:75:80:34:BF:BF:95:36:E8:3F:7F:5E:A9:8C:51:9E:2D:62
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
kyozai.to-on.com
1881.to
music.27swing.com
cloud.adroitbureau.com
aethon.fr
qompass.aiira.co
portal.dev.apacuana.com
aysea.in
webapp.balancefriends.com
balihotelsandmore.com
baslang.com
beautinest.lk
firebase.benswebpage.com
go.bizzy.business
api.bluemirror.ai
einstein.botted.wtf
www.br-zhou.com
snake.c4f.wtf
realidadvirtual.celsia.com
cheveuxnappy.com
www.inbiot.co.in
www.corethinksl.com
cruciball.com
live.darktranquillity.com
test.dealsign.ai
www.degreesofchance.co
idtq.dehghan.it
multistore.deluxepizza.com.au
dirty.com.au
duun.fi
www.admin.seto-solan.ed.jp
ekib.im
notes.emersondove.com
www.emonster.com
eyeris.uk
www.fayamextech.in
field.pt
fincalm.com.br
www.forgotitsmonday.com
fromkk.dev
giorgio.garasto.blog
gestaocm.com.br
email.getzaya.app
yomi50m-dev.hamajima.co.jp
handlymade.ru
www.hcjorissen.be
demo.hippocrades.org
interpreting.app
www.ishaansharma.ca
jasonlow.cloud
inaffect.keynexis.com
www.kiffgo.io
laeredi.com
app.letsaspiro.com
tiruppur.makemytriptaxi.com
novadebt.meeplers.com
www.michaelgoldberg.org
www.momag.org
morigin.network
www.mwtworld.com
qr.alsagheer.myzeal.app
www.mzz.me
natahouse.net
admin-qa.neovault.app
www.newslang.app
nullflip.com
sdsbjs.orpheusdroid.dev
otav.jp
parkiy.com
themes.dev.pbj.live
admin.redsols.com
relietech.com
authtest.samolink.com
sandora.ua
sbdevelopment.cloud
www.shreeharitoursandtravels.com
www.skcdevelopers.in
smokeandfumes.org
www.solariumnft.art
ui.soundflow.org
www.spelieve.com
spotgenie.in
fire-web-quickstart.st-cova.com
startinitaly.it
statuspodcast.com
app.retailmart.subbuapptech.in
ranking.sydneysabre.com
szef.dev
www.tamoozmodern.com
tangenta.net
www.telrod.com
phc.triadkube.com
gtm.uas.aero
www.unravelers.com
vivecamedia.com
tl.vx-events.com
www.warwickjohnstone.com
check.westernpleasureranch.com
yukaliv.com
www.zaferayan.com
Other domains in certificate