Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=www.kingdomgardenplots.com
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
September 23, 2025
Valid Until
December 23, 2025
33 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
AF:45:1B:DF:CC:85:66:D6:9B:34:F6:80:82:D7:B3:EB:29:C5:6D:AD:A6:49:32:92:AB:E0:7C:E8:1E:6A:3F:3A
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
www.brahmahandicrafts.com
2.trecresults.com
agenticminds.ai
aker.boo
akinmail.com
alloftheabove.tv
hangar33.appshare.com.br
arge-live.org
cnh-ctl-test.autolomate.com
www.bayselfmakina.com
www.bgremoval.app
bodaty-brans.com
digital.central.sc
www.centurioninfotech.com
www.citimaxenterprises.com
go.clublines.app
app.connecthr.co.mz
uat.propertygenie.com.my
www.kindaprec.com.tw
www.copenhagenjs.dk
dashfinanceapp.com
dearletters.life
etrain-app.decervo.com
denchosoko.com
crm.dolpheen.id
hnpwa.drakkein.me
www.duetandroid.com
www.dvacomedores.com
powerbank-rental.energic.sa
app.equevu.com
eurofortetrade.com
www.ferronhas.pt
admin.festivaldocafe.com
finecut.co
quickscan.flynth.nl
www.galbumreviews.com
globulars.org
greenlandpm.com
gvrapps.com
www.happybati.com
henrydevlab.tech
www.huesofthemind.org
ihbeya.com
imvinicius.com
www.kerimserbetci.com
www.kingdomgardenplots.com
koreavalley.com
leoni.jp
staged.libretto.fm
mesbro-profile.mesbro.in
mesbro-video.mesbro.in
firebase.miboso.life
www.minair.me
app.mitag.co
non.mpedersen.me
mydmapp.com
app.twinkle.nandenjin.com
nebuzora.com
bingo.nnntll.com
novaxon.com
orderease.show
outnovate.co
petestewart.dev
picol.is
www.placementshare.com
planama.net
dev.links.playreplay.io
pokematcher.com
auth-dev.propro.one
www.admin.protoed.com
admin.queue.lol
retailconnect.in
rocinantebuceo.uy
ns3.rusticcitrus.com
simpl.rent
simpled.io
swap.sishi.finance
soulai.ai
westover.sprxvr.com
psop.suzulabo.net
bodagodoyerroa.swanmoments.lat
takeatulip.com
machine-learning.taliferro.com
members.themakersmob.com
podcast.tkjn.net
sncf-dev-vr.vv.toysfilms-interactive.com
www.turn-up.app
ufast.co
www.unititiexpress.com
ordernow.vietnamesecafe.net
www.violabs.io
wandale.us
admin.washedup.in
www.wongsylvia.com
wordart.app
www.new.yogame.com
www.yvo.net
storybook.zara-co.com
auth.zlnk.io
web.zset.in
Other domains in certificate