Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=tanistagram.com
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
December 04, 2025
Valid Until
March 04, 2026
52 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
C8:FF:9B:E1:D6:8B:96:99:61:48:17:51:87:53:F0:93:5E:0E:B4:3D:52:64:7B:98:CF:BF:9C:30:2A:94:93:61
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
www.assuranceski.com
jbmhrd.app2.1on1navi.com
adamsoliman.ch
alinconstantin.me
study.alphaigloo.ai
merchant.anytimeprint.in
apprestaurantexpto.pt
sck.arkane.es
staging.rpm.arrowhealth.io
www.artworktransport.hu
app.atlas.support
registration.aviationawards.ie
www.bioleaf.it
brain-kit.uk
www.busright.com
www.carolekinoti.co.ke
slatkebrige.com.hr
udrc.com.ua
dengonban.jp
membros.digitalbloom.com.br
disuza.com
dotactual.co.za
www.eat4dietetics.com
demo.app.eatpresto.co.uk
elitecard.ma
leyendasmexicanas.elitesolutionspro.com
apidocs.library.ethz.ch
web.ett.mn
noodome.event.rocks
eziassist.ezilux.com.au
app.fantascelta.it
tools.feifeier.com
www.frostanchellock.com
genomojo.xyz
giganticboost.shop
random-string.gnrt.app
haroon.im
www.heyrosi.de
ics-logistik.com
imamuthones.it
grading.ywc.in.th
www.intelly.solutions
dev.kakaonline.vn
dlink.kmp.kmplayer.com
www.kumarsproduction.com
fd.lasoxp.com
manahpooja.com
www.marktassistent.nl
whiteboard.matthewpaulin.com
www.mecsit.com
www.momentino.com
www.morita-farm-kamakura.jp
archival.moud.ly
movation.sk
www.munshigiri.in
customer-website4.nextorder.co
notfalltag-heilbronn.de
ocular3d.cl
www.tsukamoto.odo.br
lexsc.opendata.report
www.stpud.opendata.report
www.our-wedding.digital
paginadocontador.com.br
phihq.com
pillarsofpossibility.co.uk
www.planytics.ai
connect.portwest.com
www.psichiatriatranspersonale.it
www.rajeshkumarsahu.com
api.rubidik.com
sms.samyok.us
www.sankeerth.dev
www.shop.slowvillage.hu
smartdrivingacademy.ie
www.speedcubingportugal.pt
www.staplodes.com
api.storyhunt.dk
drift.styreportalen.no
tagoreglobalschool.in
tanistagram.com
medlem.thaugland.no
the-issues.jp
www.therentfriend.nl
tigerbilar.se
auth.google.sp2.tv.br
ubicuo.com.ar
bo-preview.una-community.com
buyc.unerry.jp
victory-style.com
www.vierbijdrie.nl
futurelab.vodafone.dev
www.vpci.com.au
www.westonsthai.com
wiinkapp.com
woike.com
workspace.hn
playable.yilankapismasi.com
www.zita.vn
formular.zolta.de
portal.zotabox.com.br
Other domains in certificate