Open
Cached
·
just now
93/100
SECURITY SCORE
Certificate Information
Subject
CN=muh-ahsan.my.id
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
December 05, 2025
Valid Until
March 05, 2026
42 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
63:BE:16:65:B6:2A:FD:5A:11:52:8A:4D:36:1D:4B:52:C5:35:75:BE:E3:EE:0A:DF:9B:92:62:68:C6:98:5D:A2
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Excellent
max-age=31536000; includeSubDomains; preload
Content-Security-Policy
Basic
default-src; connect-src; script-src; +4 more
default-src 'self' 'unsafe-inline' https://*.freshbots.ai https://*.freshbots.ai 'unsafe-eval' https://*.freshbots.ai; connect-src 'self' blob: https://www.googletagmanager.com https://www.google-analytics.com https://stats.g.doubleclick.net https://gitlab.corp.miracl.com https://g.clarity.ms 'unsafe-inline' https://*.freshbots.ai https://*.freshworksapi.com https://*.pusher.com wss://*.pusher.com https://cdn.linkedin.oribi.io; script-src 'self' https://snap.licdn.com https://*.sf-syn.com https://*.freshbots.ai 'unsafe-inline' https://snap.licdn.com https://clarity.ms https://*.freshbots.ai https://*.pusher.com 'unsafe-eval' http://www.google.com https://www.googletagmanager.com https://www.google-analytics.com https://www.google.com https://www.gstatic.com https://*.canddi.io https://*.canddi.com https://vimeo.com https://www.vimeo.com https://snap.licdn.com https://www.clarity.ms https://*.freshbots.ai https://*.pusher.com wss://*.pusher.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://*.freshbots.ai; img-src 'self' data: blob: https://*.canddi.io https://www.googletagmanager.com https://www.google-analytics.com https://gitlab.corp.miracl.com https://*.linkedin.com http://*.sf-syn.com https://*.freshbots.ai; font-src 'self' data: https://fonts.gstatic.com https://cdn.canddi.io https://*.bootstrapcdn.com https://miracl.com; frame-src https://www.google.com https://www.youtube.com https://player.vimeo.com http://*.sf-syn.com;
X-Frame-Options
Excellent
DENY
X-Content-Type-Options
Good
nosniff
Referrer-Policy
Good
no-referrer
Permissions-Policy
Present
accelerometer=(); autoplay=(); camera=(); document-domain=(); encrypted-media=(); geolocation=(); gyroscope=(); magnetometer=(); microphone=(); midi=(); payment=(); picture-in-picture=(); publickey-credentials-get=(); screen-wake-lock=(); sync-xhr=(); usb=(); xr-spatial-tracking=()
Recommendations
- • Improve CSP by adding more specific directives and removing 'unsafe-inline'
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
staging.miracl.com
www.01tron.com
www.agronovas.uy
www.alef-lam-meem.ca
amz.cx
www.appliedboard.com
arcticairports.fi
athletricks.com
beachavenue.studio
publish.biosyscompute.com
bongda.eu
dose.careglp.com
cc.recipes
chriselliottartist.com
phnompenhtimes.com.kh
critz.cc
digitalandyou.com.au
work.diskito.eu
droop.link
www.chris.dziemborowicz.com
console.admin.ecosys.mv
em-k8s-production.emailmeter.com
www.gain.si
vs1.heinrichs.tech
www.hsechoir.org
cdn.ilacrehberi.com
implit.nl
interbrasil.simulador.izii.io
www.kaewkwanpetshop.com
www.kazatangames.co.uk
escape.kontotto.com
www.kworkelectric.co.uk
www.laslilasodontologia.com
leadknots.com
www.leanmanufacturingelectronics.com
www.consult.loophealth.com
ask.lubbu.com
manning.dev
mansion-espiritus.com
dl.medipass.me
mapa-minha-casa-minha-vida.meurefugioconsultoria.com
first-flight-claims.monkeysource.co.uk
space.mtsdu.com
mubanga.nl
muh-ahsan.my.id
www.nebulasoftwares.com
www.notestring.com
npesnam.com
www.nyame.dev
www.nytlabs.com
www.ogabook.com
learn.omicslogic.com
opuluxe.it
quark.otherg.com
nippou.otp-system.com
app.physiomeets.science
www.pirotecniabrissfx.com
qscounselingpllc.com
www.randomnodes.com
www.romainpreston.com
party40.rueffer.ch
rungordon.run
tiktok.sagaraga.com
salsitaxtrmf.com
www.sangsangtoreal.com
sauceymessage.com
shashidadi.com
websams.silverton.de
app.slowtracker.com
songnoter.com
cams.stageamericanoutlets.com
stellaresidence.com
site-checker-63e88.studiodesignapp.com
www.suite-elite.com
casework.sunsuria.com
swiftpaytoday.com
swiftridestudio.com
www.tablemuffins.com
takawale.com
www.tarinchiaro.it
www.teamdominion.jp
learn.techyog.com
app.tejasc.in
thaiphoonbistro.com
thepo.dev
admind.ticketmelon.com
admin-ls.tiifa.jp
www.tobinsmit.com
www.trailroulette.com
sms.trekk.site
trippatron.com
v1.typus.finance
ucgoldeneaglescamps.com
www.vizearth.com
www.wesww.com
dev-app.wpstar.io
www.wss.business
yakilla.com.au
youaremyhero.com
yt5s.es
Other domains in certificate