Open
Cached
·
just now
86/100
SECURITY SCORE
Certificate Information
Subject
C=US, ST=WA, L=Redmond, O=Microsoft Corporation, CN=msn.co
Issuer
C=US, O=Microsoft Corporation, CN=Microsoft Azure RSA TLS Issuing CA 04
Valid From
November 06, 2025
Valid Until
May 05, 2026
163 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA384-RSA
SHA-256 Fingerprint
F4:4D:D3:2A:B7:EC:E0:78:F0:3A:CD:D4:3A:33:A9:61:A9:4F:AD:E1:A5:BA:16:EA:52:20:31:63:7E:B3:5A:B0
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=1209600; includeSubDomains; preload
Content-Security-Policy
Basic
block-all-mixed-content; connect-src; default-src; +5 more
block-all-mixed-content;connect-src 'self' data: 'unsafe-inline' 'unsafe-eval' https: blob: wss:;default-src 'self' data: 'unsafe-inline' 'unsafe-eval' https: blob: wss: 'report-sample';font-src 'self' data: https: blob: wss: assets.msn.com assets2.msn.com assets.msn.cn assets2.msn.cn;frame-ancestors 'self' int1.msn.com ntp.msn.cn ntp.msn.com windows-int1.msn.com windows.msn.cn windows.msn.com www.bing.com www.msn.com mathsolver.microsoft.com mathsolver-dev.microsoft.com chrome-extension://lklfbkdigihjaaeamncibechhgalldgl;media-src 'self' https: blob:;report-to csp-endpoint;worker-src 'self' https: blob: 'report-sample';
X-Frame-Options
Good
sameorigin
X-Content-Type-Options
Good
nosniff
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Improve CSP by adding more specific directives and removing 'unsafe-inline'
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Configured
(Restricts certificate issuance)
Current Issuer
Not Authorized
(Potential misconfiguration)
Incident Reporting
mailto:[email protected]
CAA Issues
- • CRITICAL: Current certificate issuer 'C=US, O=Microsoft Corporation, CN=Microsoft Azure RSA TLS Issuing CA 04' is NOT authorized by CAA records. Authorized CAs:
Recommendations
- • Consider using critical flag (flags=128) for stricter CAA enforcement
Subject Alternative Names
178 domains
msn.ua
www.msn.ua
bhashaindia.com
www.bhashaindia.com
msn.co.at
www.msn.co.at
msn.co.il
www.msn.co.il
msn.co.in
www.msn.co.in
msn.co.ke
www.msn.co.ke
mscopilotstudio.co.kr
msn.co.kr
www.msn.co.kr
msn.co.ug
www.msn.co.ug
msn.com.cy
www.msn.com.cy
msn.com.do
www.msn.com.do
mscopilotstudio.com.hk
msn.com.kn
www.msn.com.kn
msn.com.kz
www.msn.com.kz
msn.com.ru
www.msn.com.ru
msn.com.sa
www.msn.com.sa
msn.com.sb
www.msn.com.sb
msn.com.sv
www.msn.com.sv
msn.com.tw
www.msn.com.tw
msn.com.uy
www.msn.com.uy
msn.com.vi
www.msn.com.vi
ato.microsoft.com
beta.to-do.microsoft.com
cloudsociety.microsoft.com
microsoftactualite.org
www.microsoftactualite.org
microsoftberita.com
www.microsoftberita.com
microsoftberita.id
www.microsoftberita.id
microsoftberita.org
www.microsoftberita.org
microsoftcopilotstudio.dk
microsoftcopilotstudio.es
microsoftcopilotstudio.eu
microsoftcopilotstudio.fr
microsoftcopilotstudio.it
microsoftcopilotstudio.jp
microsoftcopilotstudio.net
microsoftcopilotstudio.nl
microsoftcopilotstudio.org
microsoftcopilotstudio.uk
microsoftcopilotstudio.us
mscopilotstudio.ai
mscopilotstudio.biz
mscopilotstudio.ca
mscopilotstudio.co
mscopilotstudio.co.uk
mscopilotstudio.com
mscopilotstudio.com.au
mscopilotstudio.com.br
mscopilotstudio.de
mscopilotstudio.dk
mscopilotstudio.es
mscopilotstudio.eu
mscopilotstudio.fr
mscopilotstudio.it
mscopilotstudio.jp
mscopilotstudio.net
mscopilotstudio.nl
mscopilotstudio.org
mscopilotstudio.pl
mscopilotstudio.uk
mscopilotstudio.us
msn.asia
www.msn.asia
msn.cd
www.msn.cd
msn.cm
www.msn.cm
msn.co
www.msn.co
msn.co.jp
www.msn.co.jp
msn.com.mx
www.msn.com.mx
msn.dk
www.msn.dk
msn.do
www.msn.do
msn.ec
www.msn.ec
msn.fr
www.msn.fr
msn.gd
www.msn.gd
msn.gt
www.msn.gt
msn.hk
www.msn.hk
msn.info
www.msn.info
msn.jobs
www.msn.jobs
msn.kn
www.msn.kn
msn.kz
www.msn.kz
msn.la
www.msn.la
msn.lu
www.msn.lu
msn.me
www.msn.me
msn.ms
www.msn.ms
msn.mt
www.msn.mt
msn.mx
www.msn.mx
msn.my
www.msn.my
msn.pa
www.msn.pa
msn.pw
www.msn.pw
msn.sa
www.msn.sa
msn.se
www.msn.se
msn.uy
www.msn.uy
msnauto.biz
www.msnauto.biz
msnauto.com
www.msnauto.com
msnauto.info
www.msnauto.info
msnauto.net
www.msnauto.net
msnauto.org
www.msnauto.org
msnautos.biz
www.msnautos.biz
msnautos.info
www.msnautos.info
msnautos.mobi
www.msnautos.mobi
msnmotortrend.com
www.msnmotortrend.com
msnmotortrend.net
www.msnmotortrend.net
msnmotortrend.org
www.msnmotortrend.org
msnsupport.com
www.msnsupport.com
msnsupport.us
www.msnsupport.us
msnvideo.com
www.msnvideo.com
www.msr-emergence.com
msropendata.com
www.msropendata.com
northernmountains.net
www.northernmountains.net
reflect.do
www.reflect.do
staging-typescript.org
www.staging-typescript.org
Other domains in certificate