Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=my.tastio.com
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
October 08, 2025
Valid Until
January 06, 2026
47 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
57:22:B5:27:7A:B4:B5:48:A9:5D:7A:A0:41:FA:58:33:CF:92:D1:62:61:90:1C:70:11:D2:2E:73:55:68:92:82
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
tdsanierung.de
hon-modular.3dcloud.io
register.advanda.app
admin.appcheap.io
wounds.biobarica.com
join.castroapp.com
www.caup.in
www.cfkids.org
uoman-nishiumeda.cfs-japan.com
www.cha-chi.in
blog.charitarth.dev
firebase.digilux.co.in
cogni-dev-painel.cogniapp.com
turplan.commit.dk
account.dataplace.ai
dctalbot.nyc
dddeurope.academy
tenanc.debuggin.co.uk
www.deqi.link
admin.develop-workhub.site
links.devicetrackerplus.com
dlnr.dev
dompetalquran.org
www.app.droov.io
ecole-jean23.fr
alumni-stage.enkept.com
api.eternalko.space
www.fairy.gallery
feedbacks.farahy.net
ferntech.vn
fiittt.com
link.fontpicks.com
galacticorp.org
gifthome.info
gkjjjenterprises.com
globalwomanarena.com
www.goodguesser.com
www.grabbbitapp.com
csda.graficametelliana.com
www.grupomaccy.com
hueclips.app
vacaciones.icsacr.com
beta.infina.ca
admin.innobyte.pe
intellectus-exd.mx
www.intellicroppro.com
isrndt.com
admin.itrood.com
jiggoo.com
www.keenestars.org
r.kicode.app
kinoweb.dev
studio-dev.kiswe.com
koningsjoerd.nl
app.leanify.app
mitsuwa.lfv.jp
groupe.lotoquebec.com
www.martaedavide.site
www.maxxus.nz
maxxus.ro
seasons.mismith.io
narasirigreen.com
www.nautile.cc
demo-admin.netccnone.com
ink-react.nickbarnard.dev
kajinet.nonip.net
oftnai.org
okrushko.dev
oneus.run
start.optml.io
portal.morada.org.br
www.organizacionlb.com.ar
pariashwani.com
www.paullex.com
admin.pefachurchgimu.org
www.playneststudios.com
test.signart.com.br
www.singinglessonspreston.com
live-dev.snapmentor.no
app.test.soundit.app
staging.ggso.spaq.app
splashfly.com
www.sviluppiamotutto.com
www.sykes.tech
www.tacolulu.com
tapetespersasmojoodi.com
my.tastio.com
tej.one
tommynguyen.me
trackit.ai
www.transportmybike.in
tristezone.com
js.review.trustdock-ekyc.com
geolocalizacion.urgegrua.com
janssencdjrofholdrege.vinsyt.com
vizhifintech.com
socialhire.weekday.works
www.weplaygames.in
wheenk.com
news.xudeng.dev
Other domains in certificate