Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=www.philiptamaki.com
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
December 25, 2025
Valid Until
March 25, 2026
70 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
44:18:67:F1:4C:15:10:DF:E2:AA:64:C4:27:2F:A3:33:FC:E2:95:E1:20:97:BE:87:6D:A0:24:A3:4E:23:A6:41
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
itscatwu.com
505rct.co.uk
abolishcars.org
qa-static.3rdanniversary.ac-pocketcamp.com
www.accvaldivia.cl
tvs-admin.acuizen.com
tvs.acuizen.com
ainadesign.org
arpimakeover.com
www.atomo.app
www.axtellcommunitygrocery.com
www.ballebaaz.in
www.balloonartist.in
dashboard.beepforhelp.com
bin-day-bot.com
careauditpro.co.uk
www.chrisw.app
citraendo.com
staging.cityscour.app
clearchoicecs.com.au
closedcaptionconverter.com
www.cloudprodigy.in
mcamindia.co.in
console.facturasend.com.py
countycollector.app
www.deepsixdesign.com
devmd.in
staging.backend.divvyupsocks.com
www.elchingon.fr
elitesamui.com
elmopitt.net
www.enlitenide.se
quantegra.felporgetve.hu
dev.fetchconsultant.com
flexpick.net
foodfairsupermarket.com
geekosophers.com
gestaltarchive.com
www.grace.app
app.groztek.ru
gymtrackpro.com
hitlerjuomapeli.com
holenderskieantyki.pl
hmg-worc.hrestart.com.br
humboldtcx.com
ilutor.com
imperiumlarp.com.br
auth.ineveranswer.com
staff.insubriparksturismo.eu
game.iterativ.ch
uniben.portalcliente.izii.io
todos.jansen.co
codingandcocktails.kcwomenintech.org
joyandcraft.leonbayliss.com
lewisingram.com
litta.tech
auth.mappi.ae
mdubowskidesigns.com
links.mena-feelunique-sandbox.com
www.mermaidsweettreats.com
www.mietwagen24.ch
minai.tech
www.mindpack.com
rangesim.mouserstudios.com
muttleysdoggydaycare.co.uk
app.myclickandcollect.com.au
mysecrets.com
www.nathanielhughes.co.uk
www.nitishvaid.com
www.noblehealthmedicalrecords.com
assess.nside.io
www.oogiri.org
create.peekaphonegame.com
11521525.peerly.app
planner.pepsapp.com
www.philiptamaki.com
www.phonim.co.jp
www.prikobalu.si
www.properliving.co.za
purescale.ai
sabag.io
reportes.homo.metrogas.salas.com.ar
sija.studio
www.slayter.dev
hom.portal.alertaclaro.stefaniniinspiring.com.br
policy.sumamachi.jp
partner-stage.talent-alpha.com
www.thirstingforjesus.com
rochemss.timeline.click
blog.tnnl.co.uk
www.tokenfinanciero.com
uniconfig.com
content.uscarrom.org
www.ushopbkk.com
dev.vark.io
admin.vistamonkey.com.br
vocal2go.com
www.whitevillasamui.com
wineloyalty.com
yt-wrapped.com
Other domains in certificate