Open
Cached
·
just now
77/100
SECURITY SCORE
Detected Technologies
Certificate Information
Subject
CN=www.kotakpasir.id
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
April 15, 2026
Valid Until
July 14, 2026
66 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
52:FD:BC:E1:24:F9:A2:32:C5:BC:82:3F:E8:35:7D:B9:E5:16:45:4E:6D:2C:1D:86:D9:8C:75:95:4F:06:7C:E8
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
mcgassociate.com
bestellen.2ps-steinfurt.de
aehak.my.id
www.airpressor.mx
askzstaff.info
www.barber.mn
binkymusic.com
auth.bumblebeeeee.com
diquis.cachollolabs.com
calculosolarpro.com.br
admin.caracasdesignweek.com
www.cartobuk.com
christmascalendar.org
citara.mx
clearwateradv-group.com
app.fantaamici.codingduck.cloud
mobile.codra.se
www.confrans.eu
innovation.connox.io
gt.cranville.com
mw.creditea.lv
dailyappai.com
web-sporter-frontend.staging.twente.delcom.nl
cs.dmmx.ai
dolarja.com.br
www.dolphene.com
crm.stage.dspristine.com
www.dworekwiktorowo.pl
monitoring.e-graft.com
emotiondna.com
installer.ethosmobile.org
partners.familyfun.games
www.firstaustralianscybersecurity.com.au
flipscout.site
book.fortuneinfra.dev
www.fulcrumio.com
sistema.gbtechsolucoes.com.br
gcatcode.com
connie2026.ghifproject.my.id
greenmarker.co.in
groupquest.app
www.gueie.com
www.dev.en.frame.hallobon.nl
shop.houseofbradford.com
hr-karthik.online
inovant.com.br
msteams.intheoffice.io
www.jobnet.com.vn
www.kidi-fun.fr
3hunt.knobs.it
www.kotakpasir.id
ceodebolso.layory.com
lestrom.ee
loanlysg.com
www.loanlysg.com
melhorespratos.com.br
milesnmilesstudio.com
wasl1.mnr.ae
www.mubarak-albahri.com
www.mvpenthouse.com
myrongraduation.com
nazotoki-bingo.com
nestboard.dev
novacopia.app.br
espace.o-toulouse.fr
www.onestopmedia.se
only-us.world
onmyway.pro
rg.petronijevicm.com
pro.playroom.live
scenario-builder.poltergeist-lab.net
www.prayogeek.in
www.prima-wald.de
www.proyectosayb.com
panel.billing.quiksy.store
www.railsupplygroup.com
rampart.hockey
www.rdvau1ervirage.fr
refaclik.com.mx
www.refaclik.com.mx
refaclik.mx
admin.robotpak.com
www.rock-shop.ie
round.education
sadripharmaprint.com
shows.sidedooraccess.com
smart-lift.ai
dev.somm.fi
app.spactm.org
straniggdora.hu
stuta.io
www.taycanai.com
travelwithabhisha.com
deep.tucambista.pe
valorinmobiliario.cl
app.viacertabanking.com.br
www.vinayc.me
campaign.vitminute.com
offer.xcel.software
zeustech.co.ke
Other domains in certificate