Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=keepflying.org
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
December 06, 2025
Valid Until
March 06, 2026
87 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
B5:5C:C1:13:35:87:81:97:35:8D:B8:FF:8C:9B:4A:AE:CD:72:F0:9D:50:3B:74:93:B6:42:7D:7A:BE:7C:F0:14
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
keepflying.org
13.typeforce.com
affordablerentingsolutions.com
www.animiq.com
partner.appointme.net
aprillatech.com
rider.argo.ai
verify-dev.sandbox.beforepay.com.au
app.bemeworld.vn
app-dev.blackroll.com
get.bubblebump.com
app.bubblybrain.ch
www.casaadevesadesanabria.com
web-irma-mail-actions-dev.cc-irdigital.pe
celotium.com
invu.clau.io
2fni.clian.net
www.clippertonislandyachtclub.com
datahosting.clonck.com
fanscope.clubfunders.io
admin-v2-dev.selectstar.co.kr
cocoplanete.com
www.lacucha.com.uy
www.semaqui.com.uy
comicsflow.com
dancashion.com
portal.dealcollab.io
carla.deroberto.com
didrik.tech
anthony.difiglio.com
admin.doconation.com
dotechnow.com
dowerglen.co.za
eastcoastpizza.net
reserv.exam.net
farisshatat.com
farmallard.com
ffocus.app
finefit.london
app.fitportal.uk
flywithluis.com
www.gerardoluisbv.com
app.gs926.com.ar
filicleanforms.gymkee.io
suite-tst.hasanuzun.com
igorlipovac.com
resumengigante.inter.mx
ssa.invue-live.com
www.jamiegilmartin.com
www.jcudin.fr
jesslevy.ca
kazim.dev
leetlab.com
legalhobprime.com
staging-api.legalkarma.io
demo.linehopper.app
loganfalkenberg.com
maisondechame.com
mapleinvoices.com
www.marshotel.com
www.matan-dayan.com
portal.missuniverseskincare.com
monitoro.co
www.monsterlabstudios.com
na-cp.org
nextreview.io
abra.nickbarnard.dev
www.otreas.com
hm.overview.one
p-b-a.jp
www.parzu.com
pauldhaliwal.dev
www.pedro.gr
pams.pentfieldtechnologies.com
tracker.produvar.com
sphinx.riddl.ca
rishireethirealty.com
www.rvmarathi.com
dev.admin.rx.me
www.seattletechhub.com
www.showbook.com
link.shuk.mx
spacebrain.me
etm-demo-usa.spotparking.com.au
staarglobalexxpo.com
accounting.sugarant.com
sulzi.ch
app.tartufabile.it
telluswhenwhere.com
thecryptosharks.net
links.united-heroes.com
www.vancegallagher.com
dev.vendoo.co
app.vrxconnect.com
watertonlaw.co.uk
www.wcpocambodia.org
fd.woolworths.com.au
yamabu.info
app.test.zeffi.dev
app.zorg.co
Other domains in certificate