Open
Cached
·
just now
76/100
SECURITY SCORE
Detected Technologies
Certificate Information
Subject
CN=tantra-ssage.com
Issuer
C=US, O=Let's Encrypt, CN=R12
Valid From
May 12, 2026
Valid Until
August 10, 2026
62 days
Public Key
RSA
4096 bit
Strong
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
A0:6B:54:E7:26:F3:8F:C7:6C:FE:05:AC:3C:DC:DE:20:05:5F:8D:0F:A4:5F:B5:78:15:40:5C:CB:7E:2C:60:44
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Add Strict-Transport-Security header with max-age of at least 1 year
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
90 domains
equalhousing.art
*.equalhousing.art
51xsbl.com
*.51xsbl.com
*.b3.51xsbl.com
ambercrombieandfinch.com
*.ambercrombieandfinch.com
*.wildcard.ambercrombieandfinch.com
*.ww25.ambercrombieandfinch.com
*.blog.codemart.co
codemart.co
*.codemart.co
*.ww25.codemart.co
dinheirooportunidade.com
*.dinheirooportunidade.com
dullessouthonline.com
*.dullessouthonline.com
*.mail.dullessouthonline.com
duniakota5.xyz
*.duniakota5.xyz
dynamic-torque-sensor.click
*.dynamic-torque-sensor.click
emailmarketacquisitionadvertising.co
*.emailmarketacquisitionadvertising.co
encuentracomics.com
*.encuentracomics.com
exploreadswithreddit.co
*.exploreadswithreddit.co
eyesee.us
*.eyesee.us
findadvertisewithreddit.co
*.findadvertisewithreddit.co
findiconicfirmadvertise.co
*.findiconicfirmadvertise.co
findmaynards.co
*.findmaynards.co
frofv.gdn
*.frofv.gdn
*.desktop.gacor33c.blog
*.dev.gacor33c.blog
gacor33c.blog
*.gacor33c.blog
*.site1.gacor33c.blog
*.smail.gacor33c.blog
gamecomets.co
*.gamecomets.co
gatysu.pro
*.gatysu.pro
gc974j.top
*.gc974j.top
gerhartarts.com
*.gerhartarts.com
*.random.gerhartarts.com
*.ww25.gerhartarts.com
*.cc4access.goroyo.net
goroyo.net
*.goroyo.net
hawaiiwriters.org
*.hawaiiwriters.org
*.www.hawaiiwriters.org
*.blog.helprescuedogs.org
helprescuedogs.org
*.helprescuedogs.org
*.m.helprescuedogs.org
*.wp.helprescuedogs.org
hj3f23.com
*.hj3f23.com
*.random.hj3f23.com
*.ww25.hj3f23.com
*.dev.israel24-7.com
israel24-7.com
*.israel24-7.com
*.cpcontacts.jobscumilla.com
jobscumilla.com
*.jobscumilla.com
kasthuricrackers.com
*.kasthuricrackers.com
*.mail.kasthuricrackers.com
*.dev.mostbet-kazino-az.ing
mostbet-kazino-az.ing
*.mostbet-kazino-az.ing
*.gok48d.resinclean.com
resinclean.com
*.resinclean.com
tantra-ssage.com
*.tantra-ssage.com
*.www.tantra-ssage.com
*.32.vaza.studio
vaza.studio
*.vaza.studio
Other domains in certificate