Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=winhorse.co.kr
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
December 15, 2025
Valid Until
March 15, 2026
61 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
8B:AB:AF:DE:D8:C3:0C:74:E2:D4:A9:31:EA:BA:E4:A3:0F:69:58:9E:FF:B8:E8:59:E1:A1:D9:D3:31:F1:64:3B
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
workman.ottaways.com
play.1ludo.com
alessandrazanghi.studio
alphadna.ai
www.anaprestesregulacao.com.br
answerablee.com
data.apapdladzieciforte.pl
jira-google-calendar.appfire.com
auckmund.com
www.bellytobabydoula.com
applinks.bingeit.ai
www.bluelensresearch.com
brandvelocity.co.uk
www.brivazacetu.fr
www.buzztobrand.com
careaokeclub.org
enviam.cateringportal.io
stg.chatbrew.net
agent.chiedimi.it
chimp.cafe
winhorse.co.kr
colaborasound.art
crewmap.app
cycleshare.online
daniel-enterprises.com
www.dessinateur-projeteur-jg.fr
domora.life
www.dreamlook.ai
dayplanner.poc.dsiag.ch
www.dustinadkison.com
office.edds-shop.com
edmouth.com
rektori.ertim.org
escobedev.com
www.estorealley.com
ezykov.com
rewards.farahy.net
filzquadrat.ch
wholesale.food4fitness.com.au
admin.futbolmatch.com
petpooja-docs.gotabless.com
www.gracelongtennis.com
prod.greenstream.io
handaptive.com
helward.com
hishmad.id
icss.lk
ivaerksaetterunge.dk
jaanservices.uk
aurawall.jayshree.tech
www.joaoguilherme.dev
jobbingprueba.jobbing.cl
bingo.karla.ai
katiaandojo.com
katiaandoladele.com
portal.demo.keeportoss.com
ksji-hse.org
maco.fit
meghal.me
menucard.us
modovuela.com
oatfox.io
oddience.app
www.orion86.com
rdb.pepperpin.com
petdelish.in
piletasq.com.ar
www.pinnaclepa.biz
hotel-bell.pochittoo.com
dev.pocket-study.com
creowealth.portfoliolink.co.za
prahartech.com
www.proscalar-go.com
quartier-42.de
registarttoken.art
www.rencityart.org
www.resolvstudio.com
shinchina.in
shrutiformoco.com
shubhamraval.in
mini.sisidev.com
sisup.org
srinikithav.com
www.srinvisiblegrillsvizag.in
stockformer.com
szopi-chlop.pl
thehypnovirusonline.com
themailboxproject.org
tjss.in
ci.tk3.biz
app.togethervideoapp.com
totspl.com
www.trackcalai.com
treq.me
trieverse.com
excite.tyan-shanss.com
umdbulldogsportcamps.com
www.victory-nails.eu
links.webui-goldenberry.vsscloud.tv
zicsic.com
Other domains in certificate