Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=mkwin.net
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
December 06, 2025
Valid Until
March 06, 2026
89 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
EE:54:3A:98:A8:B8:0C:51:1E:13:B7:34:4A:03:FB:60:71:AE:35:A0:04:9F:5C:9E:CD:23:DC:6C:4D:F9:79:A1
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
sciroccotramontana.it
kimball-config.3dcloud.io
42degrees.co.uk
www.aleylasoftware.com
andycai.xyz
app-conection.com
profissional.appmyjourney.com
arctomicstudio.com
classmanagerpilot.auxswot.com
nexus.caarya.work
www.calvinyap.com
vse.cateringportal.io
www.catkodagu.com
www.chakshutandon.com
test-links.chekhub.com
www.cinemaswipe.com
app.cmartshipping.com
test-atm.gayatrifood.co.in
my.miratel.com.ua
cpaaek.com
www.delrexconsulting.com
www.docneasy.com.br
www.dotuml.com
www.dremdarios.dev
www.drivetech.fr
www.dttt.io
v2.ebunker.io
ecoloop.us
enfarrados.com
engrossapp.com
www.eurobilinvest.no
extragreat.com
www.eyalapp.com
beta.f2bportfolio.com
freescreenwriting.com
fructif.com
gamevista.de
www.getsleeptimer.com
www.globalstaffingsupport.com
stake.goyib.com
www.greamer.com
www.guideofthewild.com
henri.fm
www.histocks.io
housesellersource.com
www.idee-und-idyll.de
www.idolssalon.com
iippconference.com
imbianchinotrento.it
implicitex.com
workshop.improve10x.com
indoorbillboarddisplays.com
jauntmore.com
jesusapp.com
www.karoteanime.com
sokkademakers-leerkosten.katalysatorduravermeer.nl
www.leansoft-inc.com
libertytips3.com
lloyds-mowers.com
summa.m1studio.co
meluha-admin.macademy.in
app.meetinreal.com
i.meetsla.com
dress-show.memolead-campaign.jp
mika.yoga
mkwin.net
mleib.com
www.monotask.co
soycandidato.pe.moons.solutions
draft.mtgaddict.net
talentgram.nata.house
nebulos.space
www.nesoyonspasraisonnables.com
nmbjjgrappling.com
test.ojascode.com.au
orbit.jobs
painel.paggx.com.br
www.patsons.ca
sift.pave.com
pdfzero.com
www.preggy.health
app.rafamall.com
riderwiseshop.com
saar.io
www.shivanip098.com
app.shyftapp.de
singinglessonsleicester.com
smallscenes.life
share.stage.in
surrender.love
terowing.com
www.thetotaltransformation.com
tiputech.ca
uniconyx.xyz
www.vivahaworld.com
preview6.fm.stage.voiapp.io
www.waarkoop.com
api-staging.walkie-talkie.io
www.wearetastebuds.com
new.yodelit.co
Other domains in certificate