Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=www.scottkip.com
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
October 20, 2025
Valid Until
January 18, 2026
46 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
33:5F:B6:28:A8:FC:4E:88:5E:EA:4B:40:28:E1:06:ED:2C:37:F9:3D:B5:8E:C5:4D:FE:C1:05:C6:21:E5:3E:62
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
my-digital.menu
fire.51tk.net
www.a3offroad.ae
app.adalong.dev
eirene.allianceforpeacebuilding.org
salem.arnidroptaxi.in
vellore.arnidroptaxi.in
axebear.dev
earlyaccess.backlot.studio
cooking.beeveloper.de
jasom.bodyfix.io
bookdoctor.one
www.broccoapp.com
cliente.c3pet.com.br
admin.charitysuite.uk
technyteams.co.in
pruksamoney.co.th
www.tribeni.com.np
www.custoking.com
poc-ionic.daobui.nl
dillo.app
www.dishlicious.de
www.dlkrentals.net
admin-staging.dosehelper.com
portal.edhance.cz
match.riobrancofac.edu.br
circular.nerf.emallstudio.com
test-app.enigmia.ai
edocert.exagonplus.com
app.farmbov.com
www.finanz.nu
portal.flixiy.com
music.fofo.dev
tech.fores-tone.co.jp
www.forter.dev
www.gioelevalori.com
app.goodpayers.com
gorievent.com
ilboscodialberolungo.it
infinititechsolution.in
www.jamiessoftware.com
service-thinking.jason-e.dev
www.jb-projektmanagement.de
jesselima.dev
kerkesix.fi
kidskey.org
krrajnish.com
kiosk.kynda.one
chanel.lefty.io
linetweet.de
linkbi.ooo
gc.makushev.com
app.nafakt.hr
oshukai-karate-68.fr
padelpulse.app
www.parlance.app
paulportal.com
checkout.pay2b.io
dev.popit.io
poptagg.me
prudentcpa.com
purplediary.app
ralf-mack.de
www.redmilelimousine.com
portal.ssipmt.researcherconnect.com
dev-mcbrokers.rhodium.ooo
rtsfares.com
www.saaasllp.com
sanabilmobile.shop
www.scottkip.com
servicretohn.com
fb.snooey.net
delivery.softwarebistro.com.br
www.sohailalimalik.in
photography.souparnabasak.xyz
shareprd.sparrowconnected.com
applink-beta.sportshi.io
techinject.io
www.telugu.fm
rexel.tempotech.com
navigator.thecyberhive.net
thepaper.app
thetagcreatives.com
myaccount.thewaybackvr.com
www.tipsytourney.com
www.tonymolumby.com
topapps.dev
www.topsun-fpc.com
asiatraining.turnosweb.app
twinc3.com
www.twobrothersmedical.com
www.ukuntu.com
ultimateshape.nl
vardaanshukla.in
veyselace.com
www.visual-raffle.com
waillan.digital
app.widid.ch
yei-solutions.com
domestic-accounts-book.youkan.me
Other domains in certificate