Open
Cached
·
just now
93/100
SECURITY SCORE
Certificate Information
Subject
CN=maps.stanojkovic.com
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
October 11, 2025
Valid Until
January 09, 2026
44 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
4A:1C:17:E1:95:6D:A8:74:69:5C:2A:D0:8C:F0:0C:60:9F:D4:BD:4A:2E:27:8D:A1:66:D4:71:87:10:D6:AE:15
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Excellent
max-age=31536000; includeSubDomains; preload
Content-Security-Policy
Basic
default-src; connect-src; font-src; +4 more
default-src 'self'; connect-src 'self' https://api-gateway.umami.dev https://cloud.umami.is https://api.unsplash.com https://unsplash.com; font-src 'self' https://fonts.gstatic.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' santm.com unpkg.com cdnjs.cloudflare.com https://cloud.umami.is https://cdn.jsdelivr.net; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; img-src 'self' data: *.tile.openstreetmap.org *.cartocdn.com https://images.unsplash.com https://plus.unsplash.com https://ik.imagekit.io/; frame-src https://www.youtube.com https://youtube-nocookie.com *.google.com https://www.facebook.com santm.com;
X-Frame-Options
Good
sameorigin
X-Content-Type-Options
Good
nosniff
Referrer-Policy
Good
strict-origin-when-cross-origin
Permissions-Policy
Present
camera=(), geolocation=(), fullscreen=(self), autoplay=(self), payment=()
Recommendations
- • Improve CSP by adding more specific directives and removing 'unsafe-inline'
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
santm.com
1seoaudit.com
hdd-demo-2.5loyalty.com
aemudm.ca
www.alzaidy.sa
annasolecka.com
anpulse.com
stg.app.any-x.com
appres.org
amfam-cfr-stage.askkodiak.com
eventit.asmz.beer
link.audactive.com
avatarsmith.com
staging.link.awarefy.app
www.bb-brindille.be
bbbk.at
www.beatrust.com
www.app.becovalent.co.uk
bossmydata.com
bplarmy.com
www.brareytv.com
brunjar.com
budaminof.com
studio.caleido.dk
firebaseapp.carfinance2u.co.nz
pm-soa.cebulandmasters.com
christophermckimmie.com
ayo.coca-cola.co.id
loaf.co.ug
codju.com
esmaduran.com.tr
creatoradar.com
qa-elysium.datalakehouse.io
www.delfspec.com
digilege.no
www.doomedtosucceed.co
easyworkbelgium.be
elparqueo.com
ericsqualitycleaning.com
esense-muscle.com
avanza.estudio.app
facetherapie.com
familymenuplanner.com
plataforma.fedecuy.org
ts.fleet.ph
genu-systems.com
www.gerlipp.com
germancappuccino.com
www.gibigroup.eu
map.gnada.si
harem.one
harosec.com
app.staging.illust.space
app.imobiliariamarques.com.br
tracksugode.infomega.biz
keimeasy.com
khriiistosarcana.app
www.kpis.tech
leman.blog
lgenera.com
www.louhde.tech
marotivendeghazak.hu
internationalization.mathematikoi.co
ticket.mcom.app
m.meestory.com
tele.micrm.vn
insa-challenge.minhnn.fr
geotagger.mistybits.com
www.mitrov.dev
pubenq.mmrstg.com
juragan-dev.moneyz.id
mukbangshows.com
www.neverland.finance
www.onatsoftware.com
onlinecodingtools.com
sudo.org.za
firebase.pausi.id
www.praveenassociates.co
www.project44.app
www.proto.com.br
rasmus.productions
www.richharrison.dev
rizzorts.com
rogersteinbakk.no
www.sabor-a-peru.com
www.saja.se
app.silver-smok.com
maps.stanojkovic.com
storier.us
tools.sweetbirdsuites.com
www.techitunes.com
student.techokids.com
sso.thatch.co
www.thyroidclinic.com
docs.totalum.app
www.tracking.education
virtutech.in
vmilinkplan.vmi-technologies.com
admin.gctjapan.wowdesk.jp
yaashnagupta.com
Other domains in certificate