Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=www.kenneth.ly
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
December 11, 2025
Valid Until
March 11, 2026
56 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
FF:18:8E:2A:B1:9D:09:8E:2B:8E:24:39:16:88:65:C9:9E:E0:0F:17:21:3A:0A:19:26:B9:0C:3C:9F:9A:2B:F4
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
app.applyroi.com
www.1mn.io
3seconds.ai
www.amalgamapps.com
www.andruwilagou.com
animalpedia.blog
links.ashleybailey.me
graphicsound.async-studio.com
www.bbalajis.com
www.bc-group.com.mx
www.beeride.eu
www.bendabl.com
dashboard.bengalelasmolab.org
blind-tasting.app
breachinsider.com
www.capitolvoice.consulting
www.charkeurooujda.com
miznon.clau.io
papajohns.clau.io
www.udgroup.com.tn
dev-auth.commoney.jp
ocm.admin.convercus.io
vegas.crime-cases.de
internos.datainves.com
detechub.de
dienstleistungen-hennig.de
kiosk.digitalpool.com
dinerama.com.br
admin.diyaholdings.com
www.dmitriyz.com
api.donorflow.se
duhal.de
dustergroup.com
eastern-bird.com
eliteventurescape.co.za
enneer.com
mooche.errasoft.com
financeterux.com
archivio.fondazionegentilini.it
frontendsimplified.com
expense-tracker.geekytwin.com
www.getsupertime.com
growfyn.com
halfcyan.com
srclasses.indiandevelopers.org
irriplans.com
mysocialfest.itbg.com.ar
calculator.itlicious.be
jackkranz.com
portal.jaib.live
jdami.co
www.jesselima.tech
joinblynk.com
josegregoriohernandez.com
www.juegatequila.com
www.jvautofinance.in
kabaka.com.br
www.kenneth.ly
korjani.com
kosharo.com
wedding.kurzer.de
smartcell.lasg.ca
launchany.com
acceptorreject.lets.stream
lexiportfolio.me
wali.lumbungkasih.com
giggin.mamapitufo.xyz
metafyai.com
portal-dev.meupetshop.online
nanoact.vet
www.nextdoorsandiego.com
block-dev.opengrid.xyz
palety-ikopal.pl
navegador.pinkmapp.com.br
www.prestowholesale.co.uk
www.procpro.com
myaccount.proxysocks5.com
raed.ws
rakennuslaurell.fi
rolandforbes.com
samolink.com
www.sbw.digital
www.scesi.org
securachain.tech
healthcoaches.us.servicemall24.com
www.sfgw.ae
sufika.sheshank.org
shopgreenup.com
shrikezhang.com
www.skud.solutions
app.strings.ai
www.studentcalendar.app
targetonline.co.za
backoffice.casalatinapizzeria.tasteexpress.se
techvn.co
manage.tryshiftt.com
tvszervizszeged.hu
utterity.com
auth.staging.woox.io
agenda.zipper.com.co
Other domains in certificate