Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=kengicira.com
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
December 04, 2025
Valid Until
March 04, 2026
89 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
27:83:56:8C:48:E3:F7:E6:F2:37:28:4A:82:9A:C7:A6:9B:4A:F8:2C:3C:00:F1:EC:F9:D4:07:6E:D6:34:B5:E9
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
vrcenter-010.vrplus.info
toolbox.404-labor.de
www.accountant.world
www.acumen.llc
first.acze.eu
register.advanda.app
zijin.aeccue.com
www.afrinov8.com
superlink.agendaboa.com
www.aidos.ai
aimgtpro-portal.hermes.aimgt.info
pudukkottai.anbudroptaxi.com
apulca.com
backtobasics614.com
geoip.bestcitycard.com
training.leiter-check.bghw.de
wounds.biobarica.com
gift.bitcointribe.app
bv-marine.com
pmo.caarya.work
rolodex.caarya.work
ima-protect.calizy.com
app-12.dev.carto.com
socios.clubdel1.org
test.app.citycar.co.il
tradesimple.co.in
www.luni.co.in
custom.dongsuhfm.co.kr
www.coinforge.me
cdmedia-cyprusmalta.contentcard.com
danknowlton.com
account.dataplace.ai
dcpnc.com
dphil.me
easycomplex-tech.com
ehaus-elektrotechnik.de
elia.dev
farhanislam.com
beta.aplicativo.farmcont.com.br
www.fast-chat.app
en.fastriver.dev
fiittt.com
app.flexepark.com
dev.forthebirds.jp
www.gspulizie.com
order-routing-uat.hotwax.io
builder.informapp.nl
dev.infusioncenteraccreditation.org
www.jamrozy-palety.pl
keelsystems.com
kengicira.com
www.kylehuang.com
www.landmarktyping.com
quizmaster.mars3142.dev
www.martaedavide.site
campaigns.midvalleyfellowship.org
www.mikehughes.dev
mizo.earth
issues.modalai.com
arnesen.ordreplan.no
auth.fansfer-stg.p-dlt.com
pewbuilder.com
auth.dev2.photorobot.com
auth.planmylife.app
www.pluskpool.eu
api.tuv.portosegurofaz.com.br
prickpredictor.com
test.recargatulinea.mx
www.remotescanner.io
www.romantique.jp
www.roumount.com
ruhland-kallenborn.de
rumairaerodesign.com
salushyd.com
www.shopped.co.nz
app.sniip.com
staging.ggso.spaq.app
www.splinteralert.com
authdev.staffgrit.com
app.staker.co
www.stleam.com
sublimetask.com
mawanguide.sumlook.com
dev.tacxtraining.com
app.tallyflex.com
tamhonanhtrang.com
order.thanhdev.com
shecreated.thisissoon.com
www.tildetildetilde.com
www.trebolsonorense.com
www.trinity-senior-care.com
control-dev.truphle.com
tce.demo.cloud.vermill.io
vittally.com
app.widgetgram.com
wifipower.net
app.wknpa.hk
www.yawmtywig.art
yumelabs.com
fl.z0rs.org
Other domains in certificate