DNS Gurus
Cached · just now
76/100 SECURITY SCORE

Detected Technologies

See all in URL Inspect 1
Let's Encrypt logo Let's Encrypt Active incidents

Certificate Information

Subject
CN=bkning.com
Issuer
C=US, O=Let's Encrypt, CN=R12
Valid From
April 25, 2026
Valid Until
July 24, 2026 72 days
Public Key
RSA 4096 bit Strong
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
5A:01:9E:92:13:F4:27:2F:0C:5E:42:9A:B2:5A:50:33:95:21:C8:C2:16:64:55:F3:63:70:73:76:04:A8:B5:28
Alternative Names
90 domains

Security Configuration

TLS Protocols
TLS 1.2 TLS 1.3
Forward Secrecy
Supported (Modern clients use PFS)

HTTP Security Headers

Status
Strict-Transport-Security
Missing
Not configured
Content-Security-Policy
Missing
Not configured Analyze
Content-Security-Policy-Report-Only
Missing
Not configured Analyze
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
  • Add Strict-Transport-Security header with max-age of at least 1 year
  • Add Content-Security-Policy header to prevent XSS attacks
  • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
  • Add X-Content-Type-Options: nosniff
  • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
  • Consider adding Permissions-Policy to control browser features

CAA Records (Certificate Authority Authorization)

CAA Records
Not Configured (Any CA can issue certificates)
CAA Issues
  • No CAA records configured - any CA can issue certificates
Recommendations
  • Implement CAA records to restrict which CAs can issue certificates for your domain
  • This adds an extra layer of security against unauthorized certificate issuance
  • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
  • Consider adding 'iodef' record to receive security incident reports

Subject Alternative Names

90 domains
vrmint.com *.vrmint.com *.cf4aa819-a641-4c42-ab83-bdec76367437.vrmint.com *.m.vrmint.com

Other domains in certificate

*.app.bkning.com bkning.com *.bkning.com *.bookstack.bkning.com *.buy.bkning.com *.cart.bkning.com *.cloud.bkning.com *.club.bkning.com *.demo.bkning.com *.m.bkning.com *.mail.bkning.com *.marketing.bkning.com *.mautic.bkning.com *.order.bkning.com *.rd.bkning.com *.rdweb.bkning.com *.remote.bkning.com *.rustore.bkning.com *.shop.bkning.com *.sitemap.bkning.com *.sitemaps.bkning.com *.store.bkning.com *.vpn.bkning.com *.www.bkning.com
*.attccms.carrello.com carrello.com *.carrello.com *.il.carrello.com *.mail.carrello.com *.mail2.carrello.com
competitiveukraine.org *.competitiveukraine.org *.webmail.competitiveukraine.org
*.30a72627-baff-43c4-b480-93245e8b709e.enak.my *.admin.enak.my *.api.enak.my *.app.enak.my *.assets.enak.my *.d623040f-affd-4c1f-a4e6-9095a59adff2.enak.my *.demo.enak.my *.dev.enak.my enak.my *.enak.my *.f2af31f3-9595-4844-be8b-4c76ac941bfb.enak.my *.hostmaster.enak.my *.mail.enak.my *.test.enak.my *.webdisk.enak.my *.whm.enak.my *.www.enak.my
*.flacwrz24bit.losslesswrz.biz *.flacwrzorg.losslesswrz.biz losslesswrz.biz *.losslesswrz.biz *.wrzbvinyl.losslesswrz.biz *.wrzflac.losslesswrz.biz *.wrzvinyl.losslesswrz.biz *.ww38.losslesswrz.biz *.www.losslesswrz.biz
niz-lesite.com *.niz-lesite.com *.ww25.niz-lesite.com
*.hostmaster.personalizedweb.com *.mx.personalizedweb.com personalizedweb.com *.personalizedweb.com *.sitemap.personalizedweb.com
*.a.thewoodlandstxrealestate.com *.admin.thewoodlandstxrealestate.com *.aeyyaa.thewoodlandstxrealestate.com *.app.thewoodlandstxrealestate.com *.assets.thewoodlandstxrealestate.com *.demo.thewoodlandstxrealestate.com *.dev.thewoodlandstxrealestate.com *.igqnpdev.thewoodlandstxrealestate.com *.kfivubsy.thewoodlandstxrealestate.com *.mail.thewoodlandstxrealestate.com *.samara.thewoodlandstxrealestate.com *.test.thewoodlandstxrealestate.com thewoodlandstxrealestate.com *.thewoodlandstxrealestate.com *.www.thewoodlandstxrealestate.com
*.erc.yespension.com *.erci.yespension.com yespension.com *.yespension.com