Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=web.hanjuku-kaso.com
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
February 04, 2026
Valid Until
May 05, 2026
89 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
CE:0F:3A:EA:F1:5C:85:B6:09:DC:3E:5A:4B:DD:8F:4C:5E:6E:EA:84:A3:A8:13:62:51:C1:9B:D5:8A:2B:81:15
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
www.jobmapp.com
blog.192.works
1there.com
www.555labs.com
75rev.com
aana.app
arusoil.com
asiankatha.com
astraeusclarke.com
austinproduct.pro
business.bizreview.ai
blulify.com
boobybirds.com
bootapps.com.br
calendar-app.de
dev.chirpyplus.co.nz
clintonwalsh.com
trabee.co.kr
www.datalogy.bg
davebrighton.art
devfest.no
devmatthew.net
doodlydoo.app
driston.com
dsmx.ca
www.dyslexiatutoring.co.nz
smart-translate.siix.eavms.com
www.elledna.com
enor.com.ar
www.esmia.se
app.etg.ua
ether.ee
dev.single-kenya.fairchain.org
fausrguez.com
www.flexfit-cap.de
uat.geostry.com
gorillasports.qa
www.guiadelcodigo.com
web.hanjuku-kaso.com
hofb.app
checkin.hotelsoftware.io
inva.lu
joelaebi.ch
plan.dev.laufcampus-training.com
www.dev.leasera.com
lorval.com.mx
mac-n.com
www.maotd.net
www.masonwoodbury.co.uk
mohamedalitrabelsi.tn
www.montrear.com
moradiadoestudante.com.br
www.mosaiclab.net
www.nklaptopservicecenter.com
noahtaylor.ca
www.novahomesnt.com.au
app.novakio.com.br
www.pdmj.org
app.projectsimile.com
prosperomultilab.com
www.prostylebarber.ch
www.pwny.win
share.razzl.com
app.rs2.remotesocial.app
www.revisit.ch
www.ririkoito.com
rubk.app
referral.segari.id
www.seraph-cms.com
app-qa.setu.care
under-the-shelf.shelbyshipley.dev
events.shreansdaga.org
compras-lagodapedra.silconp.com.br
www.skal.app
snowape.app
connect.somtoday.nl
stage23.ca
app.surfstrengthcoach.com
out-test.swxr.io
www.syntheiq.ai
www.takawale.com
thesimpleclub.tv
order.tifsu.com
acmeacademico.minhacentral.trausedu.com.br
www.treasures-of-history.org
advisers.untied.io
hartbeach-orders.waiterpro.com
gps-online.webshow.ro
www.webtoappify.com
www.westernroofco.com
www.wgarvey.info
links.willow.tv
www.wooliston.com
contractor.by.wow-dev.org
writensip.com
translate.xilerth.com
torres.xptoconsig.com.br
for.staging.your.vet
auth.yuzu-officialstore.com
zombier.no
Other domains in certificate