Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=tightmetalszambialtd.com
Issuer
C=US, O=Let's Encrypt, CN=R12
Valid From
December 25, 2025
Valid Until
March 25, 2026
60 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
E8:8F:F7:B6:4D:90:12:73:74:82:1E:ED:10:CA:50:A9:3C:34:01:A5:20:14:5C:CE:C4:46:ED:87:F8:38:EB:13
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
premium-react-loaders.ishansasika.dev
templates.ishansasika.dev
angular.templates.ishansasika.dev
docs.premium-react-loaders.ishansasika.dev
react.templates.ishansasika.dev
svelte.templates.ishansasika.dev
chat.2go.im
www.adronieruchomosci.pl
www.agntmd.dev
ahadiihsan.com
www.artesanalburguer.com.br
assistix.xyz
atphysio.com.au
birdinthecity.com
boboxon.uz
chip-show.com
dashboard.claritychi.com
cleanthefiles.com
auth.clow.in
link2.staging.club.fans
codecache.in
colectv.com
app.cosmocrm.com.br
app.cpavance.com
contexted.crapts.org
dadalou.fr
www.dosedaily.app
deliver.saga.einride.tech
exploremadeira.eu
app.exportlot.com
fabulae.fr
widgetsource.futurebrushfire.com
organizer.gosunow.com
mineirosprev.go.gov.br
haraitsolutions.com
inmobiliariaecheverria.com
www.itaembeconecta.com.ar
link.jibble.io
schedule-euro-laser.kalpas.in
dev.widget.shop.klappert.nl
www.leonardosilva.dev
business.meetelp.com
miscodigos.store
nancyfeng.com
neurment.com
ninebolt.net
ops-base.com
www.xn--hha.org.pl
demo.outfox.ai
www.parquesacuaticos.net
pierresdevie.fr
pioneer-ventures-society.org
applink.prom.ua
readysplit.dev
applesstrack.rxoconnectmain.rxo.com
connect-ng-warehouse.rxoconnectmain.rxo.com
member.staging.seetrum.id
softkinfolk.com
www.solrigs.com
sophotech.co
prod-apostala.iframe.survive.bet
privacypolicy.tamizhrealestate.com
dev.app.telebroad.com
tenformwork.com
www.tenformwork.com
tightmetalszambialtd.com
fixa.tornroth.se
trevorlyonyates.com
www.trulytelugu.com
unloadyourmind.com
vnlp.ai
www.westerweide.nl
dashboard-red.wifipublicitario.com
www.xn--12c2ca2bch2btdc1bqf9etg.com
www.xn--21-jlcexue9a7f.xn--p1ai
xn--42caa2elfcab4ed2c0e0evab4fzgsczd7b.com
www.xn--72c0a2db2m.com
xn--frgkonsult-q5a.se
www.xn--kreativittstraining-owb.ch
xn--lasanluquea-beb.com
xn--maa-8ma.com
www.xn--napitp-tta.hu
xn--o3cwjhb9dr0g8c.com
www.xn--ob0bx0iyztb9lk5b.com
oferta.xn--ogrd-sqa.com
xn--ogrd-sqa.com
xn--riskp-yqa2d0d.hu
xn--s7h.gg
www.xn--salklakal-rkb3r.com
xn--salklakal-rkb3r.com
xn--uds.digital
xn--x3r-2na.com
www.yetisinsaat.com
youniquebridalboutique.com
www.app.yunufit.com
www.beta.yunufit.com
tools.zenfet.in
firebase.zinli.com
marketing.zinli.com
zunguze.com
Other domains in certificate