Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=kurasuite.com
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
January 04, 2026
Valid Until
April 04, 2026
88 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
97:F1:DA:CD:80:20:70:8F:0C:EE:CC:52:FD:70:BB:8F:37:9A:D6:1F:04:66:01:86:2D:4D:6D:92:DF:B0:3B:5B
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
tokyoshitamachi-estate.jp
2025.growatte.com
nft.3dorchard.com
auth.9splay.com
www.acilpuskes.id
www.aplus-innovation.com
app.arkdigitalgroup.com
arnoldcodes.com
go.astro-c.com
attainate.com
beselfwise.com
bnest.in
www.bodeville.com
bootify.app
brabuzconstruction.com
www.cages4fire.com
carburantdiscount.com
checkmatesolana.com
auth.acc.classroomscreen.com
mi.cloudframework.app
www.brightsol.co.ke
vpassword.cocibolcasource.com
app.termometr.com.ua
dappsjinja.jp
designup.jp
admin.doorjames.com
drivewatcher.io
e-pix.io
painel.ecbsistemas.com
www.editionsgrandschamps.fr
nuevocolegiolusadi.edu.co
shujaaz.enezatelecom.com
enissadiku.com
www.excellentcc.com
fastway.pro
fikrasmart.com
www.frippledee.no
www.gaylecordes.com
app.getfaraday.com
app.getmagiccart.com
cumin-diamond.harecord-dev.com
hatofes.com
heiapp.no
app.hyred.my
ibunka.tv
sensors.iosapps.at
bowling.iquarters.com
chevxeron-stage-5.ischoolconnect.com
shop.ism-kimono.com
jam-up.app
www.jessestrodefanclub.com
floodwatch.kafol.net
app.pet-connect.karottenkameraden.de
escapes.kotrlas.com
soundmaker.krida.space
kurasuite.com
stage-5.learned.io
v1-tad-dev.da.letsdive.io
finance.lezzt.com
www.lsgfarms.com
lynsis.ca
mdln.help
midtown.show
www.myassetspace.com
services.ny-go.org
onaii.org
app.oodle.social
moodsync.oscarbkn.com
paaampthatscore.fun
www.pbj.live
auth.powergolden.app
pumpflix.xyz
app.qlicksms.com
poll.quae.app
www.rabindrapharma.com
redbeatventure.com
samcastaigne.com
santiagojimenez.dev
sarojatransport.in
fairbot.screengeni.us
www.seawolf.systems
www.sigmax-group.com
sstrade.mk
deeplink.startimes.me
svpernova.io
swarajrubbers.com
swllearn.com
concesionario.synergit.cl
demo.synergit.cl
interior.desing.synergit.cl
touristpack.store
www.traggr.de
unitai.ai
data.static.pueria.usp.dev
vanska.dev
velasttopizzaria.com.br
www.vitasync.nl
wixee.ai
yahatkunnarak.engineer
www.zingweglobal.co.za
Other domains in certificate