Open
Cached
·
just now
75/100
SECURITY SCORE
Certificate Information
Subject
CN=ik.imagekit.io
Issuer
C=US, O=Let's Encrypt, CN=E7
Valid From
December 10, 2025
Valid Until
March 10, 2026
50 days
Public Key
ECDSA
256 bit
(P-256)
Adequate
Signature Algorithm
ECDSA-SHA384
SHA-256 Fingerprint
0E:29:DE:D3:89:7F:1B:0E:A6:7B:DA:80:07:79:77:FF:6D:79:A0:09:4E:33:8D:42:FD:38:B4:DA:E3:53:0C:71
Alternative Names
Security Configuration
TLS Protocols
TLS 1.1
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
Warnings
- • TLS 1.1 is deprecated and should be disabled
HTTP Security Headers
Status
Strict-Transport-Security
Missing
Not configured
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Add Strict-Transport-Security header with max-age of at least 1 year
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
76 domains
images.sleeknote.com
img.ably-static.com
images.adastrahire.co.uk
img.airhelp.com
images.almanapp.nl
images.api-tvcine.com
cdn.armut.com
media.betmgm.nl
imagecdn.bidorbuy.co.za
cdn.builtbygo.com
img-ik.cars.co.za
cdn.funder.co.il
images.carwiz.co.il
img.construnario.com
cdn.cube.swiss
ik.cxm.hr
img.dagensvimmerby.se
cdn.danfil.cz
cdn.deal.nl
immagini.designbest.com
immagini.drezzy.it
imagekit.dskbank.net
2548c22a5d.edge.storage
4a2e5bfda6.edge.storage
4d325d724f.edge.storage
7ab38188cc.edge.storage
82941401db.edge.storage
8cee1de397.edge.storage
c9b7d034b8.edge.storage
e591dcd21c.edge.storage
e6aa86577c.edge.storage
images.enotriacoe.co
imgs.ercol.com
images.esi.info
images.evenito.com
img-cdn.financeunlocked.com
images.fitgram.com
media.goesenroos.nl
img.grenardigroup.com
images.groupedubreuil.com
images.hhd.group
img2.holidu.com
media.homify.com
ik.imagekit.io
images.interhome.group
images.its.co.uk
images.jobbland.no
images.jobbland.se
img.justflight.com
z-art-img.kunst.nl
img.lizee.io
cdn.loveco-shop.de
image.maniet.be
img.meilenoptimieren.com
img.nebelkind.com
assets.nextchapter-ecommerce.com
images.pricezilla.de
images.qssupplies.co.uk
immagini.qualescegliere.it
images.rangeela.co.uk
img.remato.com
img.sakneen.com
immagini.shoppydoo.it
images.sigma.world
cdn.simyo.nl
img.skilleos.com
img.sonofatailor.com
images.sparhandy.de
cdn.sportsecyclopedia.com
public.img.sugar4.me
images.tayna.com
immagini.trovaprezzi.it
medias.ultrapremiumdirect.com
cdn.veto-tierschutz.de
static.vystem.io
cdn.wemeo.ch
Other domains in certificate