Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=casahorizon.com
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
November 15, 2025
Valid Until
February 13, 2026
89 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
51:F2:6C:A9:61:29:F3:5A:64:39:02:EB:F2:FE:0A:60:98:1E:D5:AA:15:7B:76:DD:E3:63:CD:11:AC:35:00:6F
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
www.carestack.com.br
app.acosh.acuizen.com
agrovities.com
aisia.fr
ssc.alca.is
www.ascendapp.co.uk
portal.bedsteservice.dk
l.bioquimica.cl
bourboom.nl
dev.came.live
candlesbattle.com
capalon.com
www.capalon.com
casahorizon.com
mta-sts.celynova.es
himher.chainram.com
www.christamdavis.com
www.christianbabin.com
www.workdd.co.th
www.coinance.ai
coloredigit.com
comforterslifechoices.com
daily2kart.in
www.darzekielventures.com
deezeydigital.com
rw.dev-z.eu
www.dgipindia.com
drinkfrizzi.com
www.drinkfrizzi.com
www.ehren-castle.com
loopy.emosewa.com
ethkaa.sa
faceatious.com
www.facturabilidad.com.mx
www.fenerbahce2035.com
fireflyq.com
login.flavorit.com
ars.gakkousya.net
githon.com
goldenledtrucks.lk
dashboard.gonjoy.asia
gunakazi.com
www.gyongyiras.hu
link.halokas.com
kvittokoll.heidrun.digital
hey-gee.com
imelvilentcia.com
test-site.innercompassnj.com
sarefibramacquariemexico.inter.mx
crm.irecman.com
jbautomation.dev
juancnuno.com
jupiteralena.com
kaoyibei.com
karinekrainer.com.br
www.kith.link
krakenreparaciones.com
simple-calender.kro.kr
kwptje.nl
laareperiadc.com
northcarolina.localflora.info
nutt.acceptance.m4m.io
marcrlee.com
resume.marlhex.com
massymahamli.com
streats33.megapos.store
www.novaevangelizace.cz
auth.onlineordering.io
www.otospector.com
www.payd.me
planned.fr
pmg-c.org
auth.prompttown.ai
protium.eco
prverse.in
quickmap.cc
raiseagriculture.com
reachcutplanner.com
www.reachcutplanner.com
sarah-werther.de
six-sphere.com
sixspherellc.com
somosidiotas.com.br
sprd.ink
tools.sreerams.in
studienwahl-mit-studddy.de
suppliers-dev.stylishop.store
script-wf.taleez.com
www.tatkhalsa.org
www.thredzit.com
cantus.thrivedev.net
toneyroofing.com
www.unasich.cz
www.vedicq.com
www.vegstreak.co.uk
app.engage.ceebee.voyagernetz.us
www.vtsresidency.in
wephemeral.com
www.yellowbin.africa
yogiconnect.in
Other domains in certificate