Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=ipmmakine.com.tr
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
January 03, 2026
Valid Until
April 03, 2026
78 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
F6:80:E6:3B:F2:47:46:21:8E:7A:96:AC:8D:0D:65:8B:8A:E4:BC:40:AA:7C:3B:B6:F7:3C:34:7D:4D:91:CE:14
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
blocklines.site
362outdoorliving.com
agilityshowsonline.live
alettertomanhood.com
algoops.ca
anton-po.dev
audiologistuk.com
averontechnologies.com
belanutre.com.br
blahblahblahbuzzword.com
bloom-habit.site
gmcroom.cell47.com
quickvikalp.co.in
codefairy.se
coffein.in
www.coffein.in
app.collabnow.de
ipmmakine.com.tr
competify.app
corvus-tech.co
cureconcordia.org
dahb.co.uk
dashboard.dairect.io
danoaesthetics.vip
datean.co.uk
app.delivery-link.com
dresture.com
eduphile.in
auth.elirox.com
errand.no
sleeppod.eventmaster.jobs
www.everyicon.xyz
admin.faltudomain.xyz
fhbcmorganton.org
fincntrl.com
fundatament.com
www.fundatament.com
fans.gadgetsteach.com
gamemais.com.br
www.gavagai.ro
www.geoteam-global.com
worker.link.gigsmart.ninja
golfeala.com
www.gourdetoken.org
games.granatalabs.com
granatalabs.com
staging.granatalabs.com
www.granatalabs.com
haybarro.es
auth.hexlabs.org
hiremebuddy.app
jawabli.ma
kineru.com
www.ledgerbook.in
www.lrsa.com.br
www.mabroscouriers.com
dev.macros.work
makeclearcopy.com
makeitpolite.app
marknorgate.bio
www.mihi.dev
mohammedallam.site
shiftup-app.mountainhops.co.za
nourresume.com
nutantech.com
onewaydroptaxii.com
paticaspaketotengo.com
inthegame.pdyn.app
www.pearlwagon.com
peleiniki.com
www.plungerdynamics.com
staging-mocam.popul-apps.com
www.porticadebuilders.com
www.ranjannayak.in
www.rohanniggam.com
rs-app.com
arsskyrsla2024.samorka.is
sanmiguelrhc.com.ar
sarmadawy.online
scooproomsapp.com
www.shanmu.autos
google.shefpro.com
auth.shipit.buzz
smjtech.buzz
stacksolo.dev
app.storycat.io
www.strategicclaimsdirection.com
ops.tdmobile.work
tekzovix.com
thandipro.com
theclutchdump.com
thewealthwise.app
www.thilakjayasinghe.com
thisstacksup.com
thomas-lorenz.eu
threedshop.com
trivia.verandapalestine.com
wedviha.com
www.wesselbuchling.com
wgcfmi.org
Other domains in certificate