Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=sk-alex.com
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
October 08, 2025
Valid Until
January 06, 2026
53 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
E0:0A:3B:1E:B1:5E:5A:84:6D:A7:E8:BA:80:66:93:6D:15:C5:01:87:E8:2C:1A:3A:A9:68:A6:0C:9F:1C:7E:30
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
sheplatform.io
staging.api.lineofsight.28east.co.za
get.433app.com
curry-dev-leaf.5loyalty.com
deliroutine-app-dev.5loyalty.com
drinks-and-co-dev.5loyalty.com
hopunionbrewery.5loyalty.com
www.activities-central.com
aeromsis.aerometpro.aero
interior.agazagraba.com
www.akademiapelavo.pl
www.alguitomas.com
web.alini.ro
td.almosafer.com
ammerhouse.com
anaheimgrease.com
craft-app.anitaskumat.com
travel.anitaskumat.com
annalsoforme.com
ngclub.anyware.software
apollofamilyhealth.com
app.beauty-up-app.com
www.beventer.com
www.billsne.ws
www.bluestarnova.com
pagtenadmin.bmtp.life
buildaboard.com.br
mixtape.caset.app
www.cloodin.com
unstable.communitilocal.com.au
pl.cotuongoffline.com
www.courthousebuys.com
cowboysfordtailgate.com
darkwatercustoms.com
dataflow-ai.ch
auth.dateupapis.co
tsdlearning.digitalapb.online
earth2.se
dashboard.ezturns.com
fourle.fastriver.dev
www.fergusbisset.com
beta.fluss.io
footballprenup.com
8ballbilliardsclassic.games235.com
cakesliceninja.games235.com
happyelephant.games235.com
ludo.games235.com
pou.games235.com
solitaire.games235.com
timber.games235.com
ubg98.games235.com
www.geocanchas.com
gfd.getmade.co
www.htake.com
www.iqsales.cloud
jadefred.com
music.jounetsism.biz
kmbeverages.com
www.limesys.co.za
playerapp.lotomobil.com
www.lucasportela.dev
metaverseclub.org
mharis.dev
mikezapata.tech
www.minecraft-event.net
www.mlfairy.com
jafirebasec2.moboreader.com
onlineheartrate.com
otasuperstars.com
www.prettynailsgainesvillefl.com
promobarons.com
querelo.com
roadagain.dev
romo.sh
www.roxaneetchristophe.be
runsonfun.com
rupp.it
outward.schlosser.io
sk-alex.com
skylineelite.ae
open.qa.snapscan.io
snbj.dev
soichisumi.net
www.southclydeenergycentre.co.uk
pmcsx.sparwerx.com
sportsperformanceunleashed.com
macutriviademo.sqwadhq.com
studio-piyo.com
initia.swapfast.app
www.tau.software
www.tfshealth.net
tripletise.dk
staging.trust-leap.de
ultraproactive.ph
www.voyadoc.com
weapon.school
app.webbest.co.za
welschen.ch
yeeran.online
zilliox.ch
Other domains in certificate