Open
Cached
·
just now
92/100
SECURITY SCORE
Certificate Information
Subject
CN=mahadalhijrah.sch.id
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
December 07, 2025
Valid Until
March 07, 2026
72 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
DA:3C:CE:B7:D9:A0:7E:4A:BB:E6:8B:83:A3:C8:EE:D4:D9:3D:E4:1D:22:5D:2A:52:1D:07:A6:91:BA:BE:DF:F2
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Good
default-src; child-src; script-src; +1 more
default-src 'self'; child-src 'none'; script-src 'self' https://cdnjs.cloudflare.com 'unsafe-inline'; style-src 'self' 'unsafe-inline'
X-Frame-Options
Good
SAMEORIGIN
X-Content-Type-Options
Good
nosniff
Referrer-Policy
Present
origin-when-cross-origin
Permissions-Policy
Present
interest-cohort=()
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Strengthen CSP by removing 'unsafe-eval'
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
www.fs-duenna.com
coimbatore.1droptaxi.com
sivaganga.1droptaxi.com
thanjavur.1droptaxi.com
thiruvarur.1droptaxi.com
viluppuram.1droptaxi.com
365fithub.co.uk
3dsmimarlik.com
libraryapps.abegs.org
www.abelhii.com
accordle.se
agathasaramodel.com
alien.fit
www.aqms.de
www.areuasit.com
www.astromnc.com
www.autobear.ca
adventure-archive.bbuc.co
blazehubconsulting.com
bold-n-brave.com
www.brauliodavid.com
new-investor.bridgingmedical.com
broad-gifu.com
inventaire-outils.cafedemarie.fr
www.celect.in
www.chasemaven.com
pastors.churchpad.com
pandahouse.clau.io
www.agriwhiz.co.in
codehow.ai
coffeezinho.com.br
www.chunyangtea.com.hk
compraslista.com.br
www.creatoautomation.in
sdmovies.cx3tech.com
www.dataplace.ai
docneasy.com
invos-uat-portal.epay.lk
www.farmaciacarupano.com
www.flutterlove.dev
host.gordon.free.nf
zurich.l.frequentvalues.com.au
www.fugisawa.com.br
account.globalconsent.com
gowackerli.com
link.hackertab.dev
admin.halapackmhs.com
www.happyzuri.ch
www.horsleyshop.co.uk
jujetest.shop
kalepainsurance.com
www.lavieinnove.fr
www.lcristea.de
www.legalsphere.co.uk
leodecm.space
lucifer.fund
vazquezyreino.marcafranca.com
academic.mixidea.org
app.mobiquite.app
mystay.live
nextfinancial.io
www.nivelate.mx
nthh.dev
uat-app.onfact.be
www.onlinewpk.ch
ouquiquoi.info
staging.partyrescue.ca
tokyo2020.pirika.org
mint2.pixelsaurus.io
lc-tool-qa.ppro.cloud
www.qrizo.app
www.roboner.app
hiroyuki.sano.ninja
sashadogwood.com
mahadalhijrah.sch.id
screeech.me
www.sesal.kr
staging.sheeptrack.net
www.skillway.co.uk
staging.psu.smart-campus.app
sorcerware.com
sprpic.com
caqa.sterilwize.com
www.stratagemroulette.com
www.taplme.com
teleklinik.ch
the-three.com
www.truepeaksound.com
under-control.app
www.veegee.app
www.vildt.dk
screenmanager.ward.technology
whaeat.com
unsent.withcheesepls.com
xposlife.in
www.yashmurty.com
yes-me.com
www.myxarchive.zaldyjr.com
zethedward.com
docs.zylitics.io
Other domains in certificate