Open
Cached
·
just now
82/100
SECURITY SCORE
Certificate Information
Subject
C=US, ST=WA, L=Redmond, O=Microsoft Corporation, CN=microsoft.com
Issuer
C=US, O=Microsoft Corporation, CN=Microsoft Azure RSA TLS Issuing CA 08
Valid From
December 08, 2025
Valid Until
June 06, 2026
160 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA384-RSA
SHA-256 Fingerprint
B6:44:B3:45:93:D5:8C:BC:21:98:3D:10:C4:52:96:68:B5:32:11:11:F6:74:8D:C3:1A:65:C8:81:85:20:FA:3E
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Excellent
max-age=31536000; includeSubDomains; preload
Content-Security-Policy
Basic
base-uri; script-src; require-trusted-types-for; +3 more
base-uri 'self'; script-src 'strict-dynamic' https://www.clarity.ms https://ai.microsoftol.com https://copilot.microsoft.com https://copilot.com https://challenges.cloudflare.com/ https://fpt.dfp.microsoft.com/ https://assets.msn.com 'self' 'nonce-QpqOQTAW7d0802XlAVnKmA==' *.paypal.com *.paypalobjects.com; require-trusted-types-for 'script'; trusted-types default lit-html copilotPolicy dompurify @centro/hvc-loader fast-html base-html-policy paypal-web-sdk; frame-ancestors 'self' https://edgeservices.bing.com edge://* *.microsoft365.com *.office.com m365.cloud.microsoft copilot.cloud.microsoft ccm.mobile.m365.svc.cloud.microsoft copilot.cloud-dev.microsoft; report-to csp-endpoint
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Improve CSP by adding more specific directives and removing 'unsafe-inline'
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Configured
(Restricts certificate issuance)
Current Issuer
Not Authorized
(Potential misconfiguration)
Incident Reporting
mailto:[email protected]
CAA Issues
- • CRITICAL: Current certificate issuer 'C=US, O=Microsoft Corporation, CN=Microsoft Azure RSA TLS Issuing CA 08' is NOT authorized by CAA records. Authorized CAs:
Recommendations
- • Consider using critical flag (flags=128) for stricter CAA enforcement
Subject Alternative Names
163 domains
copilot.ai
discover.copilot.ai
businesscentral.com
www.businesscentral.com
copilot.com
discover.copilot.com
www.copilot.com
cpt.link
www.cpt.link
developervelocityassessment.com
www.developervelocityassessment.com
yarp.dot.net
gears5.com
www.gears5.com
gearstactics.com
www.gearstactics.com
getlicensingready.com
www.getlicensingready.com
www.jclarity.com
aep.microsoft.com
aer.microsoft.com
aether.microsoft.com
afflink.microsoft.com
aistories.microsoft.com
alerts.microsoft.com
analyticspartner.microsoft.com
backoffice.microsoft.com
biz4afrika.microsoft.com
business.microsoft.com
businesscentral.microsoft.com
businessmobilitycenter.microsoft.com
businessplatform.microsoft.com
cashback.microsoft.com
cdn.techcommunity.microsoft.com
ceoconnections.event.microsoft.com
cloud-immersion.microsoft.com
cobra.me.microsoft.com
commercialappcertification.microsoft.com
communities.microsoft.com
communities2.microsoft.com
community.microsoft.com
connect.microsoft.com
connectevent.microsoft.com
crawlmsdn.microsoft.com
dataplatform.microsoft.com
design.microsoft.com
develop.microsoft.com
domains.microsoft.com
dynamics.microsoft.com
empresas.microsoft.com
enterprise.microsoft.com
entrepreneur.microsoft.com
example.microsoft.com
explore-marketing.microsoft.com
explore-security.microsoft.com
explore-smb.microsoft.com
expressions.microsoft.com
fuse.microsoft.com
futuredecoded.microsoft.com
ga.microsoft.com
garage.microsoft.com
gigjam.microsoft.com
grv.microsoft.com
hup.microsoft.com
hxd.research.microsoft.com
ideas.fabric.microsoft.com
ieak.microsoft.com
imagine.microsoft.com
innovationcontest.microsoft.com
insidemsr.microsoft.com
iotcentral.microsoft.com
iotschool.microsoft.com
itpro.microsoft.com
kleinunternehmen.microsoft.com
learnanalytics.microsoft.com
learning.microsoft.com
lumiaconversationsuk.microsoft.com
m12.microsoft.com
mac.microsoft.com
mac2.microsoft.com
madeira.microsoft.com
mango.microsoft.com
mcsp.microsoft.com
messenger.microsoft.com
microsoft.com
minecraft.microsoft.com
mkb.microsoft.com
msctec.microsoft.com
msdnisv.microsoft.com
msdnwiki.microsoft.com
mspartnerira.microsoft.com
mspress.microsoft.com
music.microsoft.com
mvtd.events.microsoft.com
mydatahealth.microsoft.com
oemcommunity.microsoft.com
ondernemers.microsoft.com
online.microsoft.com
onlinelearning.microsoft.com
open.microsoft.com
openness.microsoft.com
partnercommunity.microsoft.com
partnerincentives.microsoft.com
phoenixcataloguat.microsoft.com
pinpoint.microsoft.com
pinunblock.microsoft.com
pme.microsoft.com
pmi.microsoft.com
powerapps.microsoft.com
powerautomate.microsoft.com
powerpages.microsoft.com
powerplatform.microsoft.com
powervirtualagents.microsoft.com
ppe.sds.microsoft.com
pymes.microsoft.com
real-stories.microsoft.com
reroute443.microsoft.com
researchforum.microsoft.com
rss.microsoft.com
s.microsoft.com
sar.microsoft.com
sds.microsoft.com
shop.microsoft.com
skypeandteams.fasttrack.microsoft.com
snackbox.microsoft.com
sponsors.microsoft.com
spur.microsoft.com
stationq.microsoft.com
store.microsoft.com
stream.microsoft.com
studentpartners.microsoft.com
successionplanning.microsoft.com
successionplanninguat.microsoft.com
szkolyprzyszlosci.microsoft.com
tco.microsoft.com
techacademy.microsoft.com
terraserver.microsoft.com
test.ideas.fabric.microsoft.com
upgradecenter.microsoft.com
visio.microsoft.com
www.aep.microsoft.com
www.aer.microsoft.com
www.cashback.microsoft.com
www.formspro.microsoft.com
www.microsoftdlapartnerow.microsoft.com
www.powerautomate.microsoft.com
www.skypeandteams.fasttrack.microsoft.com
wwwbeta.microsoft.com
yourchoice.microsoft.com
microsoft.com.au
www.microsoft.com.au
www.microsoft365copilot.com
microsoftstream.com
web.microsoftstream.com
www.microsoftstream.com
aus.delve.office.com
ind.delve.office.com
jpn.delve.office.com
kor.delve.office.com
msaidatastudio.officeppe.net
seeingai.com
techinnovatorsspotlight.com
www.techinnovatorsspotlight.com
Other domains in certificate