Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=auth.sozi.co.jp
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
October 08, 2025
Valid Until
January 06, 2026
44 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
EC:64:E4:FD:54:0D:48:82:1D:8D:12:C1:9D:61:77:DC:05:F4:35:AE:69:BF:1F:8A:B3:2A:67:F4:97:24:8C:66
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
www.nycsecure.org
beyond-g.app.1on1navi.com
domains.1sat.app
ramesh.2rk.in
www.aaband.org
auth.dev.agently.abeja.io
www.alljackedup.org
whiskies.alocquet.eu
firebase.appgua.com.mx
avtarconstructions.com
healingcodes.awakening.systems
www.barefootbeach.app
mentorship.blackmint.io
europol.blinkchain.io
contact.byzocker.de
api.caminandog.com.mx
demo-app.casted.us
test.cleardata.io
backend.click-2-order.de
mithilakshar.co.in
classilab.co.kr
external-login.globalit.com.tr
communitycattle.org
createan.email
projects.ctime.jp
sides.dariodoronzo.dev
retos.dashport.run
www.databakkers.nl
metrics.datespot.love
dawidr.pl
dividy.tech
auth.dreamscholars.org
app.ecimgdl.com.mx
extension.ethicsnet.org
play.fastgrammar.com.au
sos.field.li
app.firsatbufirsat.com
www.fizjoflow.com
citygo-dev.flitter.fr
www.foodmasku.io
www.frift.app
dados.funcional.com
admin.garzone.store
functions.gotovo.ru
yoga.gri3s.de
gunnink.com
codefast.harsimran.xyz
svg.impargo.de
jaanesen.no
www.jessawoods.com
www.kalamkari.org
www.kikt.ru
bool-dev.da.letsdive.io
sync.littlesis.app
www.livebandskaraoke.se
livestreams-voor-theaters.nl
regression2.loadsure.net
lynxbe.net
maikengunnerod.no
app.link.marx.lk
www.menstorah.network
metalpowders.cz
ai.moonmakers.education
www.mutsen.nl
app.myplayer.io
admin.dev.myprism.co.za
netwhere.online
word-penne.neumann.tokyo
noteasy.io
www.oepworkspace.in
tirupathur.onlydroptaxi.com
profamilylifeassociation.org.ng
admin.pastastuttobene.com
testt.pastastuttobene.com
b.pbla.us
perembisztro.hu
sales.prestoexpress.co.uk
test.projectboek.nl
resorts-world-ui.pulsegroup.tech
apps.rcloudsoft.app
marketanalytics.reelmotionhd.com
corporate.rideplus.in
dispatcher.rideplus.in
turnips.sandysandy.net
shopflix.io
shortener.io
auth.sozi.co.jp
www.strongertogether.world
metroride-static.swiftzer.net
www.sycac.org
www.tab-engineering.co.uk
www.valitovorchestra.org
www.varahiinteriorsandcarpenterworks.com
veracious.ai
www.vibey.site
demo.visita.in
demo.vodar.io
zaremba.lv
zia.ac
www.ziptv.xyz
Other domains in certificate