Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=senangcover.my
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
December 07, 2025
Valid Until
March 07, 2026
86 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
4B:28:86:F0:C5:45:C3:64:C0:74:5C:04:CC:B5:37:87:D1:D2:24:6E:B7:9F:A3:16:6E:44:A4:A2:38:49:AC:F4
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
dashboard.apexcounselingmt.com
a2zcode.com
aidia.it
aktivitetskartet.no
alectoconsulting.com
www.aleks.codes
ap-sol.jp
www.apiprivacy.com
www.aptitudelabs.com
ewiscloud.auxswot.com
ballparkvisits.com
bloomplex.com
setup-feature-dev.captego.com
3es.co.in
coastertokyo.com
goodlandstarnews.column.us
myshop.com.in
corporates.samyush.com.np
mybusiness.samyush.com.np
crainicu.com
cau.crowde.net
danshen.io
destino-thuis.nl
www.developerweekend.com
www.dronvyas.com
easyleads.app
acehack.uem.edu.in
elmasdokum.com
api.fivetimes.io
app.geotracking.do
sa.giamban.co
ginraku.jp
gosweetsgo.com
guptafc.in
app.gymfed.be
ibscoach.org
spartansvietnam.impactwrap.com
jcguitar.co.uk
jmsl.xyz
accounts.kabuku-dev.com
www.karnatakafinishingschool.com
gacha.koneta.click
korjausinfo.fi
www.kz2x.radio
daytmp.labmkr.com
www.loupetheapp.com
mockdrafthero.com
account.mocklets.com
seo.myappstoolbox.com
myfirstchoicefm.com
www.mypips.app
straba.mysky-mannheim.de
www.nuvitolpharmaceuticals.com
camp.healthcoach.org.in
playeuchre-online.com
www.pocketsidur.app
pooli.app
qa.portal-patient.com
cardapio.pousadadoalagado.com.br
pp.care
pqswitch.io
admin.queueme.co
www.quickzz.com
ranasales.com
www.reflow.engineering
www.reifjonas.com
roonessentials.com
staging.driver.roveapp.net
www.sagardoyschool.com
www.sammyhayes.co.uk
teleconsultaqa.sdsigma.com
senangcover.my
stg.smartlena.com
www.souvenirmax.com
mdl.spwn.jp
www.stodd.art
taco.ninja
www.taekwondo-magdalena.ar
www.tamerkhraisha.com
moneyball.games.tetherstudios.com
qc.thatsmybuddy.com
app.thesama.in
toe.com.mx
tonys-barber.de
todolist.toolset.one
terms.tourbutler.app
join.tubeforces.com
staging.turborad.com
uneau.com
unleash.com.br
www.uppercasegaming.com
url.chat
link.verseful.org
contact.viewdigicard.com
app.visable.com
link.wifiesta.com
staging-chat.yepic.ai
yovento.dev
zendengreenpurp.com
zentago.io
Other domains in certificate