Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=app.kovaa.com.au
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
January 22, 2026
Valid Until
April 22, 2026
86 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
C9:FE:7C:08:C8:21:CD:17:64:02:49:47:0B:37:CC:78:DF:1D:D6:56:77:6D:D0:C8:A0:10:BF:DD:E6:63:31:E8
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
granmotoec.com
campus.academiatanato.es
accordle.es
links.aestheticsmap.com
www.aktapecas.com.br
alfaline-apps.eu
alntqatar.com
www.andrewchu.me
l.artpix3d.com
aufstiegsreform2025.de
dynamiclink.avyatated.com
bhairavi.tech
www.bilingue.com
blkpty.com
clarendon.place
classjack.io
sonetaran-preview.codeimplants.com
demo.dev.colosseum.ar
consolidadoapp.juango.com.uy
comforthvacservices.in
www.crecerpediatriacusco.com
kaab1.dnafitpro.ai
doctor247.in
echomax.click
app.emotions-diary.ru
staging.developer.epages.com
devfactor.factoringdev.com
gdlg.foodle.su
cp.beta.funnelish.com
www.ginarai.com
connect-a.goegonetwork.com
garden.gorbotics.com
www.gqamisasolutions.co.za
granitebug.com
grupogasolinerosolidaridad.com
guide2copenhagen.com
helm.website
dashboard.heroisdarmc.com.br
illuminacioginestera.com
ly.insai.tw
vcore-demo2.intellivie.in
share.itsbonustime.com
app.iures.it
javions.com
admin.kokofuru.com
app.kovaa.com.au
leibovic.com
app.livecastmedia.com
notifications-widget.medapp.nl
mercadovirtual.app
www.mhamza.dev
www.minimgroup.com
mintyfloss.com
nadjmi-school.ru
www.nadjmi-school.ru
www.nftpause.io
www.ogidani.com
theis.olympijskytym.cz
app2.one-group.se
studenti.org.rs
payslobi.org
pharaon.me
crm.pomocspc.sk
2021-jesien.bimakademia.procad.pl
cargomatrix-dev.prodeo-live.com
professorfederal.com.br
qianzhongcheng.com
auth.resultados.club
retao.io
admin.dev.rool.dev
pop3-importer.scaleupconsulting.com.au
www.shopdifferent.com
letemps.siwa.io
dev.sky-leap.jp
skyfleetpigeons.com
slashbear.com
0j28swvb3iibxltoxeds.smartimob.io
payroll.socraft.community
www.solanaonline.store
nuoibogolfclub.solasun.vn
develop.safracontrol.souagrosolucoes.com.br
srbolillo.com
www.studioforged.com
styleiconbd.com
auto-archiver.suicise.com
sujok.app
www.supportatroop.com
sustain-mobility.eu
www.sustain-mobility.eu
www.swiftlah.com
app.t-union.jp
link.teachvault.app
www.troop1athens.org
uploadsquare.com
gerenciamento.vcinova.com.br
staging.policies.vezham.com
forms-webui-webface.cdn.labs.websheet.io
yothanan.club
sota-room.zettalinx.co.jp
cizor.zynor.app
Other domains in certificate