Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=skratchdot.com
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
December 02, 2025
Valid Until
March 02, 2026
89 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
0A:3D:A0:4D:6B:70:15:A9:2C:4B:7B:E6:AE:46:D8:83:38:C8:04:B8:90:4A:59:9E:87:65:54:BF:A2:19:32:E9
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
vbbuildingservices.co.uk
77winters.com
www.adanenlinea.com
admabs.com
ai-first.net
www.akpa.ch
altmannbence.hu
alvicap.com
www.ambedo.io
www.andrealaveaga.com
admin.apie.app
athiraponneth.com
awovenworld.com
ayricsystems.in
vaccines-privacy.biloba.com
canvae.com
gig.chris.mk
clean-concept-group.com
clickaitrader.com
www.support.cognite.com
bodega.computosonora.com
link.demo-achilles.systems
claims-r.dev-ltl-xpo.com
q2-myreports.dpd.co.uk
paying.ecopass.app
educacaoemdireitoshumanosupe.blog
ellay.club
eneible.com
esense-eegenius.com
eshwa.ai
hallo.ezturns.com
kinestral-qa-ideacloud.forgedx.com
www.freeiching.com
www.staging.console.genvision.it
girassolempreendimentos.com.br
mkhuntar.impreszions.biz
resumenbimbo.inter.mx
sytycj.jellyrolljazzclub.com
joaquinalvarez.dev
photos.jondh.com
www.kauilenergy.com
www.kingent3.com
kovalsoft.ca
app.kreelio.com
www.ladimi.com
michanic.lernit.app
lgbtinternational.com
list2playlist.com
lockito-app.com
maternalnutri.com
www.matterbe.com
meetandmatch.golf
standard.meinevitabilanz.de
www.micaros.eu
www.miccca.jp
miracitizenship.org
momentwall.com.br
www.nativeforms.com
www.neighborhooddraft.com
www.nithyakrishnacrackers.com
nm-4.in
odeliatech.com
www.okansumer.be
yaiat.pardi.dev
www.patiofarm.me
www.petmetru.cz
dermatologia.prepmedrd.com
games.prof.ninja
www.qcmed.be
www.reco.works
manageconnect.rentokil-initial.com
rovinaskitchen.com
runningtheory.com
content.scipiosoft.com
www.seocloud.app
shayanrazavi.com
dash.shroompany.com
vtc13.simpliroute.com
vtc23.simpliroute.com
simpo-admin.simpo.ai
skratchdot.com
solucien.co.za
telsi-app.speakylink.com
winterhawkswatchparty.sqwadhq.com
www.taplaw.com
chat.techfolio.jp
screen4.test4.life
ticketpass.cr
brava.turnosweb.app
valiending.com
www.vvipnetwork.com
waap.cc
www.welkominvenray.nl
wineandspirits.de
www.wissema.eu
workhub.mx
workoutsapps.com
www.yni.app
alnair.admin.yondemy.com
erp.zaslogistica.com
Other domains in certificate