Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=www.comichaiku.com
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
October 06, 2025
Valid Until
January 04, 2026
54 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
B8:CB:3E:77:1A:7F:03:C9:B5:D3:DE:05:2A:AB:D6:8E:EF:58:BD:C4:6B:B8:C3:97:59:AD:28:32:BD:71:46:37
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
shop.printmedia.jp
share.7aderapp.com
staging.aniline.io
mail-assets.appointer.com
www.atlanticoilsol.com
www.badmintonpal.com
www.baileehodge.com
banerjeerishi.com
m.bcr99thai.vip
software.bicg.com
sell.storybook.bidscape.com
www.boostmente.com
www.web2app.botify.ai
casttech.bracelit.es
www.bruxton.com
www.bubblett.com
campagapevt.org
weare.caroa.jp
m.cbh.care
fmx.cintoia.com
centre-france.civitimeapp.com
credit-agricole-franche-comte.civitimeapp.com
crepi.civitimeapp.com
ctn.civitimeapp.com
demo-client.civitimeapp.com
thelittleschool-house.com.sg
auth.ksong.com.tw
itoen.com.vn
www.comichaiku.com
conectagrp.com.br
oracle.connectorzzz.com
cnxoutcomes.connexia.com
www.consulbench.com
stack.cre8games.com
admin.cubantropia.com
cysero.nl
dev.dallinjackson.com
danielpincu.com
www.danielpincu.com
www.daocastle.com
www.darewithfriends.com
support.davesa.com
www.davits.page
x.deeptent.com
www.deepvisionapp.com
productivity.deoapp.com
dessertnyc.net
developingo.com
djbilal.com
dnafrika.com
dompotts.com
dosukoi-ikuji.com
app.drmacmandalay.com
ecombookkeepingreviews.com
ecu-pay.com
eod-now.com
facturemaroc.com
fallah-est.com
feriavirtualtigo.com
fintectm.com
auth.flysafe.pro
view.getboostar.com
rotuges.imarotulos.com
impulsomkt.com
advisor-kpl-stage-6.ischoolconnect.com
iubenda.417.cz
jbdev.se
www.joeladamsphotography.com
kaewkwanpetshop.com
app.karatesnap.com
quizpe.kotkartechnologies.com
krnc.co.za
lestourneesdesproducteurs.fr
www.letsmakeloot.com
sgo.liche.cl
www.linksterapp.com
lish-eikaiwa.com
lussosolare.com
page.makestar.co
www.marstech.click
v2.mathasa.mx
evaluate.ttmh.mobilitymojo.com
moretreesnow.org
newyorktravel.es
nextstepgames.net
booking.nikacurly.com
panel.ople.us
pianolessonsyork.co.uk
admin.reablock.com
3d.repligen.com
repsketch.com
sandilovestom.com
dashboard.snabb.ee
storywise.app
ginevra.svegliati.net
underscoredesign.com
v1n.io
wandb.ml
dkp.ws24.cz
www.zkeep.io
Other domains in certificate