Open
Cached
·
just now
89/100
SECURITY SCORE
Certificate Information
Subject
CN=whois.co.com
Issuer
C=US, O=Amazon, CN=Amazon RSA 2048 M03
Valid From
May 19, 2025
Valid Until
June 17, 2026
161 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
71:52:38:76:27:4F:E5:92:A7:89:19:00:DA:FF:6F:49:11:BF:62:3C:AE:69:BB:94:AE:DD:47:89:E7:42:1C:2A
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
Forward Secrecy
Limited
(Check cipher configuration)
Warnings
- • TLS 1.3 is not supported (recommended)
HTTP Security Headers
Status
Strict-Transport-Security
Excellent
max-age=31536000; includeSubDomains; preload
Content-Security-Policy
Basic
frame-src; script-src; default-src; +1 more
frame-src https://www.google.com/ https://www.gstatic.com; script-src 'unsafe-inline' 'unsafe-eval' 'self' https://www.google.com/ https://www.gstatic.com; default-src 'self' https://media.centralnicregistry.com data: 'unsafe-inline' 'unsafe-eval' https://*.typekit.net https://fonts.gstatic.com; object-src 'none'
X-Frame-Options
Good
SAMEORIGIN
X-Content-Type-Options
Good
nosniff
Referrer-Policy
Present
same-origin
Permissions-Policy
Missing
Not configured
Recommendations
- • Improve CSP by adding more specific directives and removing 'unsafe-inline'
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
83 domains
whois.nic.bmw
whois.co.com
whois.nic.co.com
whois.nic.co.nl
whois.com.de
whois.nic.in.net
whois.nic.allfinanz
whois.nic.art
whois.nic.auto
whois.nic.autos
whois.nic.baby
whois.nic.beauty
whois.nic.best
whois.nic.bh
whois.nic.boats
whois.nic.bond
whois.nic.cam
whois.nic.car
whois.nic.cars
whois.nic.ceo
whois.nic.college
whois.nic.deloitte
whois.nic.dhl
whois.nic.dvag
whois.nic.fans
whois.nic.fm
whois.nic.fo
whois.nic.fresenius
whois.nic.frl
whois.nic.fun
whois.nic.gd
whois.nic.gent
whois.nic.hair
whois.nic.homes
whois.nic.host
whois.nic.icu
whois.nic.kfh
whois.nic.kpn
whois.nic.kred
whois.nic.lidl
whois.nic.lpl
whois.nic.lplfinancial
whois.nic.luxury
whois.nic.makeup
whois.nic.mini
whois.nic.monster
whois.nic.motorcycles
whois.nic.online
whois.nic.ooo
whois.nic.pohl
whois.nic.press
whois.nic.protection
whois.nic.pw
whois.nic.quest
whois.nic.reit
whois.nic.rent
whois.nic.saarland
whois.nic.schwarz
whois.nic.security
whois.nic.sfr
whois.nic.site
whois.nic.skin
whois.nic.smart
whois.nic.space
whois.nic.stc
whois.nic.stcgroup
whois.nic.storage
whois.nic.store
whois.nic.tech
whois.nic.theatre
whois.nic.tickets
whois.nic.tui
whois.nic.uno
whois.nic.vg
whois.nic.viva
whois.nic.website
whois.nic.wme
whois.nic.xn--ngbe9e0a
whois.nic.xn--vermgensberater-ctb
whois.nic.xn--vermgensberatung-pwb
whois.nic.xyz
whois.nic.yachts
whois.nic.zuerich
Other domains in certificate