Open
Cached
·
just now
76/100
SECURITY SCORE
Certificate Information
Subject
CN=kiva.it
Issuer
C=US, O=Let's Encrypt, CN=R12
Valid From
February 11, 2026
Valid Until
May 12, 2026
89 days
Public Key
RSA
4096 bit
Strong
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
50:26:68:B5:EB:C2:23:FB:BC:49:67:63:84:C6:5D:52:10:F5:50:8A:97:FE:5C:7D:04:98:68:90:B3:3D:00:32
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Missing
Not configured
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Add Strict-Transport-Security header with max-age of at least 1 year
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
90 domains
pilks.com
*.pilks.com
*.acc.pilks.com
*.access.pilks.com
*.admin.pilks.com
*.apps.pilks.com
*.cadastro.pilks.com
*.cloud.pilks.com
*.dev.pilks.com
*.exchange.pilks.com
*.gateway.pilks.com
*.hostmaster.pilks.com
*.mail.pilks.com
*.pixel.pilks.com
*.portal.pilks.com
*.preview.pilks.com
*.rdp.pilks.com
*.rds1.pilks.com
*.rdweb.pilks.com
*.remote.pilks.com
*.sitemap.pilks.com
*.staging.pilks.com
*.vpn.pilks.com
*.webvpn.pilks.com
*.wildcard.pilks.com
*.ww1.pilks.com
*.ww17.pilks.com
*.ww25.pilks.com
*.ww41.pilks.com
*.blog.bseodisha.com
bseodisha.com
*.bseodisha.com
*.ww16.bseodisha.com
*.ww25.bseodisha.com
*.admin.escaperat.com
*.autoconfig.escaperat.com
*.autodiscover.escaperat.com
*.blog.escaperat.com
*.cpcalendars.escaperat.com
escaperat.com
*.escaperat.com
*.ftp.escaperat.com
*.m.escaperat.com
*.new.escaperat.com
*.remote.escaperat.com
*.test.escaperat.com
*.vblosimmrlrds.escaperat.com
*.webdisk.escaperat.com
*.webmail.escaperat.com
*.whm.escaperat.com
*.www.escaperat.com
*.5ba8ac23-6fbb-4644-8b74-de02560d1ef8.gambar.cc
gambar.cc
*.gambar.cc
*.admin.golocalstays.com
*.blog.golocalstays.com
golocalstays.com
*.golocalstays.com
*.videos.golocalstays.com
*.www.golocalstays.com
*.com.keasling.com
keasling.com
*.keasling.com
*.www.keasling.com
kiva.it
*.kiva.it
*.vpnssl.kiva.it
*.food.kshcool.com
*.jianshen.kshcool.com
kshcool.com
*.kshcool.com
*.man.kshcool.com
*.mouth.kshcool.com
*.news.kshcool.com
*.shenbing.kshcool.com
*.woman.kshcool.com
*.www.kshcool.com
*.yanke.kshcool.com
*.zhongyi.kshcool.com
movievod.me
*.movievod.me
*.ww38.movievod.me
oxforvacancies.com
*.oxforvacancies.com
rbxapiz.xyz
*.rbxapiz.xyz
*.ww16.rbxapiz.xyz
*.mx.rentalbikes.it
rentalbikes.it
*.rentalbikes.it
Other domains in certificate