Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=shtnkgm.com
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
November 22, 2025
Valid Until
February 20, 2026
89 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
54:5B:3F:E3:39:28:CB:DC:0F:A7:F0:E9:39:CF:1A:F0:E0:4E:68:74:B7:05:8C:5B:AF:CB:7D:66:24:3E:45:D4
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
chessaim.com
static.12bay.vn
aiat.pt
www.aminemusic.com
www.anjanadevibadrinath.com
redirect.anycarry.jp
www.apricotbook.com
arthur-web.dev
www.atluz.com
auriga-diary.com
www.banquette.io
www.bass-fretboard-notes.com
belarefrigeration.com
www.brianhager.com
www.bugattea.com
caazam.com
www.chainamb.com
london-adventure.chepetronix.tech
clan-spot.com
nesher.dyn.co.il
www.codeforbrands.eu
customercare-help.support
leo.de-aquino.com
www.degree-plus.com
www.detodos.com.co
ads.devsy.tech
www.digitalbharati.org
dincalculator.com
district-shows.com
domkibarnaba.pl
d1-mypreferences.dpd.co.uk
elephantadagency.com
www.elperrorabioso.com
www.emarcotte.com
regents-place.equiem.mobi
estherbeauty.fr
etymora.com
globalcrm.fashionsuite.com
a0cn.foodle.su
freshwavemvnt.com
www.garretteckl.com
www.hanngulala.com
hceducontinua.com
hebergementjeunes.fr
hoppaardjehop.com
beta.app.ibscoach.org
app.indiabonds.com
indraoctama.com
console.innersightlabs.com
www.intruderinantiquonia.com
invitedilsse.com
islandgateway.lk
www.itspuppettime.com
www.jurcevic.com
kangmingshop.com
www.karthikdattu.com
kcalendar.ch
konect.social
app.maestroafrica.com
matesenlinea.com
www.maximusheating.co.uk
instagram.mega.lol
outlinejs.yori.mirano.fr
dashboard-demo.mpower.africa
mrsgujju.ca
app-staging.multis.co
www.myramutfak.com
catalyst.neoufitness.com
dev-test.nextgatetech.com
noodos.es
corporativo.olamed.com.br
overnightdev.com
rad-cal.palmexus.com
www.parkerreese.com
www.app.pharos.community
lifemd.pyxal.io
qbpscanner.com
app.quitaboletos.com.br
restyleai.co
saitonaoya.com
samihaest.com
seazonrightz.com
www.sharpquill.se
shtnkgm.com
www.site4u.ca
www.sup7rdb.com
bodaalfarorivera.swanmoments.net
tabitha-thomas-schaffran.de
app.taniafruchi.com.br
www.theinvestorslounge.com
thsomsai.thsgroup.in
timonriemslagh.be
tomhtml.com
app-cc.uniboi.co
page.upliftyou.com
vincent.by
www.westwoodenduro.com
winderful.uk
vn.workspace.training
www.zachru.com
Other domains in certificate