Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=app.sunteccity.com.sg
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
October 07, 2025
Valid Until
January 05, 2026
54 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
06:BC:3A:29:F7:8C:32:7D:13:08:87:93:DF:36:46:B9:B7:FC:AA:76:58:B5:2A:E1:F4:DB:CA:17:57:E9:73:EF
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
bolesale.com
1024technologies.ca
coach.adaya.ai
www.amooto.fr
animeflix.ltd
admin.aokitech.com.ar
ayushanbhore.com
link.back2back.org
pacsun.bambumeta.software
www.bicestervillagetaxi.co.uk
dashboard.blinkz.in
akademia.budzetownia.pl
checkapp-ep.ccommecom.com
www.cluevie.com
bird.finda.co.kr
mc-soft.co.kr
taskerapp-local.dry.co.kr
withwatch.co.kr
ccl.coltondogportraits.com
www.chatos.com.ec
app.sunteccity.com.sg
www.credimanager.app
dashboard.culcha.cloud
www.deathpitch.com
go.dev-set.live
diventio.org
www.dulcebelluminexpertis.com
overseas.sgu.edu.in
exbsol.com
fanchoiceawards.co.za
lotto-hearing.fedmich.com
www.fungaiaziendagricola.com
furkansuleymana.com
galicheva-gahlen.com
gargaglioneabogados.com
gestvet.com
gs-bernau.de
hadel-ltd.com
hopapple.com
hydro-gen.tech
ibet855.net
impowerjobs.in
marketlab.improwth.com
captainhugo24.infinitycore.sg
jammal.me
jeffmuter.com
jenniferpowell.com.au
jessestrode.com
to-do.jiricech2059.com
www.joiner.work
kjdesigns.pro
klusterlabs.net
kyblogistics.eu
onboardingauth.llcloudstudio.com
magicstats.lottemakesstuff.pink
settlements.maciejtomaszewski.com
maxlegaluae.com
www.metiq.la
minhlongphat.com
mobysky.com
mos1981.kr
staging.app.msa.hk
nummis.com.ar
www.obat.io
oceanwaves.studio
hkcie.org.hk
www.pastelstudio.net
peterhudson.co.uk
pgf-aswoz.pgjazzz.win
plumbers.chat
signin.thewhy.pretzl.digital
www.principle.co.za
demo.qfix.ai
www.ricambi-epoca.it
wp.rkcollections.in
royalsandalphas.com
api.rvrnc.io
new.sprighost.com
unhu-admin.squbix.com
sunnybanana.co.za
app.sweetearth.com.mx
eu-app.swifter.ai
invoice.swipall.io
testworms.t-david.com
techemergingafrica.com
technoburg.tech
shb.thefacility.in
thelirioestudio.com
www.vaniainteriors.com
app.vidatrilegaltche.com.br
warzywa-gacek.pl
www.warzywa-gacek.pl
saudiairlines.wiyak.com
share.wizz.chat
worldnft.app
y2meta.tools
stagecp.yabi.cloud
nossagente.yesmkt.com
yogendrasingh.in
yt1s.fr
Other domains in certificate