Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=sigma.cao-sabic-lbv.appdashboard.nl
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
December 11, 2025
Valid Until
March 11, 2026
89 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
F3:39:C1:A3:7A:17:42:7D:1D:21:94:86:01:B8:E3:C5:DC:B2:A8:72:9C:A8:4D:CE:13:DC:9D:C8:8D:DA:F9:48
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
myday.co.nz
www.deal.kaist.ac.kr
aig-minimed.affinity.do
staging.app.agilitycoursemaster.com
aigerim.co
www.aisportswatch.com
alpinemotorcarsllc.com
amarreysanteria.com
app.apnibrokerapp.com
apontaki.com.br
sigma.cao-sabic-lbv.appdashboard.nl
www.areyoublackerthanchatgpt.com
arkansasrtc.com
asadullahalgalib.xyz
ashtinramirez.com
jiledouluo.baileqi.online
bitbrainly.com
one.bosenet.com
www.bstkekipazas.lt
bymtec.com
candosoft.nl
react-apps.carto.com
cedgastro.com.br
uoman-nakanoshima.cfs-japan.com
web.cmfolio.com
reg.timoti.co.id
www.rsp.co.il
redirectme.rgarcita.com.es
abdulazizladan.com.ng
www.cultofmartians.com
www.cyberbodeguita.com
www.cybernyte.com
jurybox.davidbuff.com
food.depaire.net
digital-tennis-tour.com
dondeestaluna.online
doorclosers.org
elenaremizova.com
account.fieldstream.dev
landing.flynth.nl
ghdatabundles.com
app.go2work.com
gohomely.com
urbane.guestcode.uk
wedding.gustavo.com.au
harrytong.com
hcodesolutions.com
hisham.codes
profile.hocgi.vn
fischer.id.vn
countdown.apps.in.rs
jamifloyd.com
golf.jimmyb.me
kayit.gunesokullari.k12.tr
katiemarple.com
knoinsights.com
www.lazylink.in
www.sfs.linkpc.net
www.louievoice.com
magnusnilsen.com
www.markjdelgado.com
maucodev.com
meble-nicpon.pl
michael-strain.com
mmorrow.dev
myfretbuddy.com
harknet.nextlogic.net
nubenupcial.com
www.offthecurriculum.co.uk
old.med4all.org.gh
www.ozstyle.co.uk
pai.tools
partechsystems.com
www.partnerstaking.com
passivequity.com
www.piggi.dk
admin.pointspot.co
pump.works
mate.redq.io
reseaupublic.org
revenuescann.com
www.rixels.nl
robandmella2020.com
www.rocksplayer.com
app.rolyhome.com
cms.saikyo2dome-tbate.com
shw.pw
superiorcall.io
supplyspace.in
www.sweetsilver.tech
c331f.tapk.it
preview.theyakka.com
www.tinode.dev
cardapio.food.totvs.com.br
admin.tredplus.com
admin.viacordis.hr
beer.weissenburger.io
wolvez.dev
beatprophet.wuiquique.com
yourpokerclub.com
Other domains in certificate