Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=web.tastik.app
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
December 22, 2025
Valid Until
March 22, 2026
86 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
02:C1:CF:14:14:E3:54:15:17:F7:BF:37:85:2C:0E:65:9B:99:3D:E9:B2:43:3E:E5:02:50:59:6F:AD:48:D6:E2
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
pinguinradio.com
2015.bloggi.es
2023.mdriver.pl
freemind.accademiapbs.it
site3.allyable.tech
amg.anctech.com.au
app.angkordc.com
www.artemisscientific.com
asumanaktuy.com
bifrost.atyrpharma.com
ayushkamat.dev
audio.banskyspis.sk
boisetrailschallenge.com
www.caldera-studios.is
www.chewstesting.com
www.webwise.co.il
triplicate.column.us
melci.com.tr
www.fanusisi.com.tr
www.crunchy-app.com
app.cyngo.net
benefits.devridezum.com
www.dh.md
didido.today
djoarsome.com
help.dogadozo.com
www.enkanasheafrica.org
odour.ermapps.com
festmorzar.es
firecracker10k.org
flerse.com
www.getweathergo.co
www.heaven-valley.in
hintcatcher.de
tuan12102006.id.vn
train.imagineiftoys.com.au
www.italianchoice.app
dev.sra-online.ivlivs.dev
jollyfamilyfoundation.org
test-app-link.kiplin.com
www.kosoku.info
lacprojects.space
web.madamadi.gr
www.mann-kann.ch
gb-designer.mars3142.dev
mattphillips.dev
formular.messetools.de
bo.mets-up.com
www.invitados.misterboda.es
www.mocroc.com
delete.mondaa.com.au
www.mosqitter.online
www.myhopeplan.org
www.nanocentron.com
documentation.ndk.group
app.oasisazul.com.br
www.okdak.me
moderna.org.pe
myncf.org.za
www.palmstonehaus.org
vendor.paybird.app
pdf-il.com
play2x.sh
www.playsolitaire-online.com
pokk.it
www.rephrasely.com
reygames.co
roadway.staging.roadbotics.com
rolezao.top
www.samearth.net
appslinks.semillaproyectos.com
beta.sgospel.no
chaos.shadowflips.com
provider.sniffle.com
dev.somendrasaini.com
evplug-admin.sonice-aioe.com
waterair.speakylink.com
service-hub.spring-board.dev
findmystyle.styleotaku.com
tabelaterapeutica.pt
trip-service.test.tada.dev
taiho-doboku.com
tailwind.club
owner-test.tanq8.com
web.tastik.app
dev.tikti.me
tjbplumbingllc.pro
www.trevorfrese.com
www.trochoid.hu
trudhub.ru
www.twinlots.com
www.unogiardino.com
dev.nugget.valorumdata.com
warpbarrel.com
webbysfromhome.com
admin.sanki.wowdesk.jp
xapptor.com
www.y1qian.com
www.yata.se
www.yhamamoto.com
Other domains in certificate