Open
Cached
·
just now
80/100
SECURITY SCORE
Certificate Information
Subject
CN=portal.tastio.com
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
November 21, 2025
Valid Until
February 19, 2026
87 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
8D:AB:3F:AB:60:50:9A:23:84:26:47:CF:8C:68:BC:EF:4D:91:B6:8A:C2:8A:15:90:1C:EA:D5:5C:17:B4:DA:6C
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Missing
Not configured
Content-Security-Policy
Basic
script-src; object-src; base-uri; +3 more
script-src 'report-sample' 'nonce-6--Fo_QJfDUuZENPYdYBeA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/DurableDeepLinkUi/cspreport;worker-src 'self',require-trusted-types-for 'script';report-uri /_/DurableDeepLinkUi/cspreport
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Present
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
Recommendations
- • Add Strict-Transport-Security header with max-age of at least 1 year
- • Improve CSP by adding more specific directives and removing 'unsafe-inline'
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
dev.invite.5mins.ai
amendadvice.com
amesmali.com
www.anubhutianalytics.com
app.askeed.ch
bencapital.com
dev.mijn.bobdebot.nl
cambridgeschool.in
ceomaker.in
spacefarm.co.kr
www.cobrante.es
shimano.comodule.com
couch.live
consola-dev.criptoladrillo.ar
cortex.dev.synapsecloud.dataauchan.fr
process-analytics.srv.deloitte.ai
www.dhaichaal.pk
team.feature.digiqc.com
endangered.live
cdn2.engym.com
expressautorespray.com
factwells.com
fintrix.ro
www.fitstarapps.com
formahome.online
admin.galais.org
geoit.dev
demodayadmin.grupa.io
class.hamptoncollege.cl
helloaisolutions.com
www.homeandgeneralct.co.za
horas.io
fmmt.hotekan.com
keypoll.ibig.dev
bornoshilpi.ipdcbd.com
dashboard.itsaweddingtrap.com
jazzx.pro
jer.one
super.juntosenergia.com.br
kadh.nl
www.kyotocoltd.com
sales.lestage.com
www.lmeshoo.tech
www.lookrateve.com
lukef.me
maracaiboapp.com
jamzonly.mattlongpre.com
meaningfulmedia.ai
www.miquelferrerllompart.com
www.momipoke.com
portfolio.neptunestech.com
numericalcognition.net
r.okhati.dev
www.okiedokiepay.com
openproof.app
orkabike.com
dmgqa.ovenfo.com
my.pawthereum.com
photoshotapp.com
task.ptlumbung.com
www.qmediahouse.co.za
www.rachanainteriors.com
rainmaker.school
revalier.li
dev-directorio.rhodium.ooo
pwned.rnetian.in
r.ronoaldo.com
salahudinmalik.com
www.shijithpadmanabhan.in
simplylink.com
sitefast.ca
solquima.com
spanner.fyi
app-links.steppi.com
app-demo.stoick.io
strategysportsnetwork.xyz
portal.tastio.com
www.theagendaapp.com
www.thecoach.cloud
www.tishreiinthemoment.com
tndroptaxi.in
toastit.io
top-price.ru
top8social.org
karaoke.topia.tv
trophycase.app
www.union-bauzentrum-hornbach.com
www.uzianova.com
afiliados.vecinos360.com
vectormars.com
www.vinimdocarmo.com
app.voyagergolfclub.com
open.weddly.io
welcomments.com
whitedoveassetlimited.co.uk
wispltd.com
worldnoisemap.com
www.youdict.co
zeesh.com.br
zuzupetrelocation.com
Other domains in certificate