Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=link.stage.tsylana.com
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
January 16, 2026
Valid Until
April 16, 2026
89 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
7B:98:7A:0D:5A:E1:1E:8F:C0:01:0C:6C:30:A0:83:E0:7C:DA:E4:EF:15:EB:92:68:E0:10:A8:79:6E:36:C5:D9
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
compartilhagram.com
stg.boundaries.28east.co.za
aakashpamnani.in
adambrooks.dev
invite.adit.com
allius.io
aniltripathi.in
www.aptekabialeblota.pl
www.cjbrickservices.com
staging.clevertrack.dk
mydyo.co.il
kishantractor.co.in
www.collective-intelligence.com
www.aweretaw.com.mm
communitiesconnect.us
controlled-chaos.co.za
www.dannbeatstudio.com
kidsgames2019.dawsondepretis.com
www.decemberfirst.us
www.electroblocks.org
autohistory.ferosel.com
www.fluma.io
events.flutter.dev
geo-training.at
www.harrydeboer.dev
manager.hippocrades.org
www.homovital.de
ngannguyentrung.id.vn
portfolio.reza.info.bd
swap.dev.inkryptus.com
student-dashboard-stage-1.ischoolconnect.com
in30s.isnomore.net
japaan.jp
kitchenwitch.nz
weblp.klevgrand.se
hkk.kro.kr
www.kukipos.com
lagoscode.com
www.leshramirez.com
admin.levelupnaija.com
www.lionandfox.co.uk
www.littleiqs.com
www.littletraveler.org
www.locaconstrutor.com.br
api-doc.loogia.tech
sacompay.m1studio.co
party.makersverse.in
form.mamafre.jp
manc.be
splittwitter.meijin.me
attach-dev.mikmak.tv
mivaanfinejewels.com
haik.modobits.de
mohamadsiyam.com
www.moonspam.com
www.sintaqu.my.id
netsmobility.com
www.norsepm.dk
www.ntoka.com
campathon.nwbbc.com
www.oddityparadox.com
onecode.no
www.openfeedback.io
www.iglesiadejesucristo.org.ar
pizzolante.dev
pokyciai.eu
www.polied.com
www.portmarnockden.com
pravinyoy.com
protobus.com
quicktruckservices.com
dev.qventana.com
rafihaque.com
raidalt.com
romethorstenson.com
www.roomario.com
www.rustavelo.ge
sammyhayes.co.uk
www.shiitake.dev
app.staugustinechs.ca
www.stgallen-experience.ch
raymer.stio.com
swifttransformation.ai
www.syncomusic.com
task.supply
thecollectivepool.org
monarchy.thediners.in
www.threepro.my
timesofpeople.com
toe2toe.app
weather.tognacci.net
aphp-chir-hosp-uterus-robot-vr.vv.toysfilms-interactive.com
link.stage.tsylana.com
my.syh.us.kg
vasudhagroup.in
ironman.vilomar.com
report.wellnest.tech
wmaars.com
www.x1a0teng.page
ziger.dev
Other domains in certificate