Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=cuahang.kasoft.vn
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
December 25, 2025
Valid Until
March 25, 2026
71 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
D5:BF:51:F3:7C:63:C9:CA:FD:B6:6F:DD:4D:FC:83:6C:E5:81:FD:BE:29:25:22:65:2F:B6:9F:D7:42:F4:45:15
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
lrdcanada.org
90millas.mx
agenciamicrosaas.com
aliclik.app
amadoraviwaraviya.com
cdnjs.appcheap.io
accounting.aravia.com.co
auth.aravia.com.co
document.aravia.com.co
fiscal-information.aravia.com.co
treasury.aravia.com.co
mycato.auli.tech
beavercrush.com
www.bursaercp.com
skip.climate.ai
pineapps.co.il
cuddalore.yazhdroptaxi.co.in
www.kaziworld.co.ke
comeon.plus
www.craft.doctor
demopizza.cretworld.in
www.cultprotest.me
curseur.re
forum.dungeon-stories.com
hotel.easybus.app
otomi.ecuestre.digital
www.esentis.dev
fabwork.com.br
congregacion-digital-agurec.fireysoft.co
ulink.goshop.my
www.growthlab.club
www.hbelitinsaat.com
henrygale.com.au
hilker.app
hlp.im
hofladenguide.ch
www.ilplatform.be
app.imovelmar.imb.br
www.denuncias.k-9apps.com
www.kabakabaci.com
cuahang.kasoft.vn
kotoko.fi
lingamtravels.in
loopcommunity.org
www.mattiagiacone.me
www.mazele.io
www.fib.mehar.ca
brandify.misdevelop.com
monstruocanela.com
cv.mouly.ar
mycluetivity.com
tms.nextlogix.vn
www.nfarina.com
www.niftybounties.com
civ6-mods.ntum.top
www.ollierou.com
omkar.dev
bottomline.onceaccounting.com
coin.pedlop.com
www.pegasuslb.co.uk
app.test.triunfo.photofied.tech
next.picsa.app
pixedot.com
pointxsolutions.plannt.app
planpoker.app
playtaboo.app
plenits.com
www.plusdent.cl
offer.api.pollpe.in
portfolioqb.com
privacysnow.com
qbrid.net
www.quesjins.app
www.redpath.dev
reg2rcnt.removis.jp
sanwad.satejpatil.com
seniorsuites.satelite.ai
shreekrishnametal.com
vtc.simpliroute.com
www.sitisa.mx
smartiot.in
test.souls.care
www.sprachbluete.de
sumaho-de-omiyage.com
www.synthify.io
talk-with-tolk.com
widget.dev.bs.tech-azur.com
terrene-research.com
thekosmix.com
app.tomillama.com
torqsecure.io
anfitness.turnosweb.app
www.undelayappdashboard.com
www.upwayidiomas.com.br
briefing.vamos.dev
viewkitstudio.com
atlas.voxpop.co.za
wegobi.studio
wa.woofiepie.me
zerom.in
Other domains in certificate