Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=ostankov.com
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
October 08, 2025
Valid Until
January 06, 2026
57 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
4E:DC:23:CA:2C:B6:25:65:96:89:25:5A:15:ED:22:CA:A6:61:B1:39:D6:40:52:14:2C:49:5B:05:95:CD:31:78
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
growthstudio.in
xero.1clearview.com
beta.actimotive.app
screeenshot.africasunrise.com
www.allez-allez.app
app.allezemm.at
contacto.amco.me
www.anuplifestyles.com
asimflooring.ca
google.blobattack.com
app.butterflyit.com
www.chatvibe.app
i.chiper.mx
www.cibamachinery.com
cmpltr.co.uk
www.cmuchippewascamps.com
akshikacarecentre.co.in
contactusnow.in
curiousily.com
serl.cxipl.com
www.cf.d2-apps.net
daylight.hr
www.ddevleena.com
pos.ddzone.xyz
link.defleppardgame.com
devflix.io
dexrider.net
dhamaka.cricket
dharrison.dev
digitalsamiti.com
www.doughboyz.org
enterprise.elify.com
delivery.entiremart.com
admin.forallcommunity.com
salesdeck.game-one.com
gantherwedsparker.com
preprod.gemfor.me
go-schwerin.de
crm.greentiger.in
stage-storybook.hellopando.com
app.holidu.com
nail.hsvinnovations.com
hwcoin.org
idunnutokurah.com
ihcp.io
islaparadiso.com.br
jafooby.com
jayalakshminetralaya.com
jesustorreiro.com
www.jesusyalicia.com
studio.koaa.io
kupatgivathamivtar.com
www.laaroussi.dev
lazerthrust.technology
lindenkwok.ca
tracksterfire.linkbase.app
harga.lumbung.app
chiefmedia.madhive.com
marmenorsensing.com
meanchefstudio.com
mehdie.org
tools.mensacaz.com
niftycards.shop
chat.nijibox.jp
ciam-dev.norbr.io
merchant-analyzer.nroadcorp.com
www.nthvector.com
oddbit.se
www.omnitechelectronics.ca
ostankov.com
ozarkapps.com
www.philipp-ladich.com
pijuan.dev
link.pipfeed.com
www.toolbox.qlouder.com
www.qurrehealth.com
rockgym.work
bournemouth.scouthub.app
www.sharonandjake.info
www.shosuzukidesign.com
stage.somewear.app
sosclickabogados.com
hantsch-app.speakylink.com
sphoorti-tools.com
stickersromania.com
www.stitchstory.uk
thehikingguys.com
www.thequranclassroom.com
www.thesainifoundation.org
thesaurum.thetislive.com
thomaszachariah.com
www.tigerdojo.io
tiktokdo.com
timur.dev
owls.tokapp.com
laufcampus.docs.trayn.com
twinpacs.com
app.unspun.io
www.wtama.in
xtopia.me
Other domains in certificate