Open
Cached
·
just now
91/100
SECURITY SCORE
Certificate Information
Subject
CN=vladislavtsoy.com
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
October 28, 2025
Valid Until
January 26, 2026
50 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
90:96:4F:44:83:D8:9D:1C:F8:1F:AC:43:6B:19:91:CA:12:DA:50:9B:08:09:D9:53:8A:99:94:E2:39:FC:1F:34
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Basic
default-src; connect-src; script-src; +10 more
default-src 'self'; connect-src 'self' entur.no *.entur.no en-tur.no *.en-tur.no entur.org *.entur.org *.entur.io ws://*.entur.io ws://*.entur.org wss://*.entur.io wss://*.entur.org https://events.mapbox.com https://www.google.com gstatic.com www.gstatic.com wss://*.puzzel.com/ https://stats.g.doubleclick.net https://*.tiles.mapbox.com https://api.mapbox.com https://cgchat.callguide.telia.com https://europe-west1-ent-enturapp-dev.cloudfunctions.net https://europe-west1-ent-enturapp-tst.cloudfunctions.net https://europe-west1-ent-enturint-dev.cloudfunctions.net https://europe-west1-ent-enturbeta-prd.cloudfunctions.net https://europe-west1-entur-prod.cloudfunctions.net https://search-dot-entur-prod.appspot.com https://search-dot-ent-enturbeta-prd.appspot.com https://search-dot-ent-enturapp-tst.appspot.com https://search-dot-ent-enturapp-dev.appspot.com https://search-dot-ent-enturint-dev.appspot.com https://firebaseinstallations.googleapis.com https://firebaseremoteconfig.googleapis.com https://firebaselogging-pa.googleapis.com https://o4508182734503936.ingest.de.sentry.io https://entur.humany.net https://api.ace.teliacompany.net https://chat2.ace.teliacompany.net/ https://chat.ace.teliacompany.net/ https://wds.ace.teliacompany.net/ https://*.puzzel.com/ https://n8p3h7hj.api.sanity.io https://n8p3h7hj.apicdn.sanity.io https://europe-west1-entur-feedback-staging.cloudfunctions.net https://europe-west1-entur-feedback.cloudfunctions.net https://*.posthog.com https://*.usercentrics.eu; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: https://events.mapbox.com https://www.google.com gstatic.com www.gstatic.com https://apis.google.com https://ajax.googleapis.com https://api.ace.teliacompany.net https://chat2.ace.teliacompany.net/ https://chat.ace.teliacompany.net/ https://wds.ace.teliacompany.com https://app-cdn.puzzel.com/ https://feedback.puzzel.com/ https://entur.humany.net https://*.posthog.com https://*.usercentrics.eu; img-src 'self' entur.no *.entur.no en-tur.no *.en-tur.no entur.org *.entur.org *.entur.io https://firebasestorage.googleapis.com https://storage.googleapis.com https://events.mapbox.com https://www.google.no data: blob: https://events.mapbox.com https://www.google.com *.googleusercontent.com *.doubleclick.net https://humany.blob.core.windows.net https://entur.humany.net https://api.ace.teliacompany.net https://chat2.ace.teliacompany.net/ https://chat.ace.teliacompany.net/ https://n8p3h7hj.api.sanity.io https://n8p3h7hj.apicdn.sanity.io https://cdn.sanity.io https://app-cdn.puzzel.com/ https://*.usercentrics.eu; style-src 'self' 'unsafe-inline' https://events.mapbox.com https://api.tiles.mapbox.com https://entur.humany.net https://api.ace.teliacompany.net https://chat2.ace.teliacompany.net/ https://chat.ace.teliacompany.net/ https://wds.ace.teliacompany.com https://app-static.eu.posthog.com https://*.puzzel.com/ https://*.usercentrics.eu; font-src 'self' https://ace-knowledge-cdn.teliacompany.net https://fonts.googleapis.com https://fonts.gstatic.com https://entur.humany.net https://*.puzzel.com/ https://*.usercentrics.eu; frame-ancestors *; frame-src 'self' https://events.mapbox.com https://www.google.com gstatic.com www.gstatic.com https://wds.callguide.telia.com/ https://traveller.entur.org https://traveller.dev.entur.org https://traveller.staging.entur.org https://traveller.beta.entur.org https://traveller.entur.no https://traveller.dev.entur.no https://traveller.staging.entur.no https://traveller.beta.entur.no https://entur.humany.net https://api.ace.teliacompany.net https://chat2.ace.teliacompany.net/ https://chat.ace.teliacompany.net/ https://wds.ace.teliacompany.com https://app-cdn.puzzel.com/ https://*.usercentrics.eu; object-src 'none'; child-src blob:; media-src 'self' entur.no *.entur.no en-tur.no *.en-tur.no entur.org *.entur.org *.entur.io https://api.ace.teliacompany.net https://chat2.ace.teliacompany.net/ https://chat.ace.teliacompany.net/; report-to csp-endpoint; report-uri https://o4508182734503936.ingest.de.sentry.io/api/4508222815731792/security/?sentry_key=e7ee5aa5fa5767b7db150c1ae6e12a3c
X-Frame-Options
Good
SAMEORIGIN
X-Content-Type-Options
Good
nosniff
Referrer-Policy
Good
strict-origin-when-cross-origin
Permissions-Policy
Present
geolocation=(self)
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Improve CSP by adding more specific directives and removing 'unsafe-inline'
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
www.en-tur.no
dnd.aidanlee.dev
www.aidocumentautomation.com
www.animec.es
food.apxor.com
atlaresolve.com
blitzsystems.in
cloud.bonat.io
restaurantlist.brendanharan.com
cesanoseveso.cbros.it
mekit.cloudspindle.com
kawari-uat.iamconsulting.co.th
pitchdeck.mytechdiary.com.ng
issk.staging.admin.convercus.io
coolrunlimited.com
cutiesbistro.com
www.dalmiajansevatrust.com
admin.darkentitystudios.com
www.debanjaly.art
www.dronestreamer.live
mediall.drtis.com.br
auth-staging.dweet.com
www.easy4u.co
edhas.one
counsellorlink.edvoy.com
kaspero-backend-staging.elliq.co
capp-auth.ergotopia.de
eggxiuren.trungdev.eu.org
fakedev-kh.site
ker.farrasnorte.com
small.fognet.world
footprintstrainingvideos.com
invite.stage.front.page
hirami.gilbertmania.page
link.guardianscollective.com
www.gundam.com.br
fwd.helenexpress.online
www.hombrecitomazapan.com
l.horse-x-pro.com
businessriver.hrawards.ie
staging.hvaskjerkalender.no
nextlevelkrav.impactwrap.com
dev.shipper.impargo.de
inlightbusiness.com
aginvoice-de-testing.input4you.be
www.itfreelancing.nl
jeremy-coquet.com
link.jeuneafrique.com
www.jfkairportclinic.com
johnyoat.me
catholic.kasoft.vn
kurzzivota.sk
www.lentesnovavisual.com
www.livsnyderhytten.dk
thecloudbelgium.merai.ai
mpdownload.xyz
www.business.myreshn.com
naijyan.com
fnb.namsutech.vn
nifdex.com
staging.noknokgroceries.com
o-fra.me
www.omundodacrianca.com.br
onerealpocket.com
demo.oplit.fr
p360kiosk.com
www.paniaguajulio.com
pechie.dev
www.pixelated.party
app.nightly.pocketpost.life
promowayz.com
app.proxymint.one
www.puppypatchlabs.com
queensgambitdeclined.com
www.quoteix.com
reema.fun
rosey-clean.com
rrgrouphub.com
www.rundquist.tech
www.samipussinen.com
www.santiagojimenez.dev
auth.sentimllc.com
www.siliconseed.io
simonbbq.com
test.simsouls.com
www.sonicattack.nl
srivaristarch.in
stagdraft.steaksoft.net
www.stir.me
syam.one
www.tanquesparagas.com
app.timeschedule.ru
authlink.common.tokyu.co.jp
trybe.cc
uvacellar.com
vladislavtsoy.com
whitepixel.ai
soapboxupdates.wistia.com
mobile.wordcloud.app
status.wowo.mx
Other domains in certificate