Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=cardinalcapital.partnerhub.co.za
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
October 05, 2025
Valid Until
January 03, 2026
46 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
11:88:3A:05:65:AE:06:56:DA:8C:24:20:C4:6A:BD:9C:9B:80:FE:F6:98:B3:67:34:03:FF:B2:CC:7A:1B:E6:86
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
blog.kajbra.com
beta.adrionic.xyz
service.alko-garden.lv
www.allmedi.de
zombattle.apm2.studio
www.asska.org
atlat.de
invoices.atommobility.com
portail-b2b.auchan.fr
api.bastienclement.ch
www.bettersyncadvisory.com
goto.bigalbum.co.uk
www.admin.blutechconsulting.com
cleanfixpro.eu
cockscomb.dev
tv.coibong29.live
www.colorwise.me
www.blsuppliers.com.np
deckbuilder.dev
app.dinbook.es
dpyprovisioning.info
app.touchncheck.dsinstruments.fr
www.dumplingpets.com
event.ecokraft.se
www.entrepreneur-studio.com
account.ezpayslip.lk
foodiebox.pl
order.greenfish-energy.eu
www.hedgefundtracker.com
firebase.hexagondata.com
www.hokage.io
admin.icooking.io
partner.insutora.dev
app3.insyncapp.io
isjuandev.tech
it-hero.co.jp
itp-marketing.fr
checkout.jatakrobotten.dk
k2n.kr
kauche.dev
knopselfstorage.se
stories.kotlintesting.com
www.kotwalcommodity.com
limastore.com.br
mdaishi.luffanet.com
mapatalks.com
matrixengr.com
www.mediadesain.com
metalacindustries.com
mhondo.com
www.mindfulflights.com
www.mitchandmeera.ca
www.mitsumotonow.com
www.monster-pets.com
www.moongoldprod.com
moonsdental.com.mx
motobase.jp
myshopsg.vn
narlideredis.com
networkklasnews.com
www.nikolasoft.com
ninjaswarriors.com
candidatelinks.offerdox.com
app-voluntario-modules.arco.org.br
otowa.io
cardinalcapital.partnerhub.co.za
beta.perfectzero168.com
www.qrconnect.app
link.rakukari.jp
rawyah.com
reasonedbuy.com
rentafirst.com
rolldnd.com
runmyreturn.com
salonlolitarestaurante.com
www.salvageunionworkshop.com
www.samosirco.com
hello110chauncy.sasaki.com
www.seandriscoll.dev
www.stkmilevsko.cz
www.supersysoftware.com
portal.syxpay.com.br
tedxpacific.com
textilreinigung-asca.com
thedrakun.dev
thepacificline.com
beta.thetac.club
tilzmatictech.com
www.tolgahankarabudak.dev
www.top-spark.com
db.toptym.cz
totallynotrobots.dev
www.trivium.fun
verkkokauppa-front-dev.www.tunkkaajat.fi
turradar.ru
ebus.urls.urapp.site
api.vhscorner.com
whoseenit.com
www.xvision.me
youmightwonder.com
Other domains in certificate