Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=www.tiffinshala.in
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
November 24, 2025
Valid Until
February 22, 2026
84 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
70:D1:36:A0:82:89:C2:AC:D8:1F:A9:AA:9F:07:F8:9A:B3:A3:AB:72:07:B2:8E:54:DE:77:2F:CC:1A:EA:C0:92
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
www.knowmadic.world
www.4eleven.net
achalukkhal.me
www.aciflex.com.br
seleccion-cuenta.allariaagro.com.ar
alongi.com
mg.angro.hu
apoorvgarg.in
appsdirect.com.br
aviita.ch
www.bamboosushi.fr
banati.in
cp.bisflow.io
admin.bloomtec.net
bloxing.net
bluerosesociety.org
bosscar.by
bothof.me
caminoloan.org
cv-maker.christianaquino.net
www.leadlearn.co.kr
www.constantsmatter.com
qacode.cultup.com
kodehyve.designsystem.lu
mcigermany.deskbooking.app
dl.etermar.pt
www.freestyle.gamma.fayd.app
www.fralo.se
funwari.dev
getwithjosh.com
topmatoes.goodguy140.com
gtstudents.org
www.handmadehero.org
template-ametista.imobzi.com
lr.demos.jcloete.dev
tech-knowl-edge-connect.jenslemke.com
josefhalcomb.com
www.kanojo.moe
app.kindi.io
knowyourrights.page
www.kuuk.la
www.labrat.camp
learnbot.ai
login.legacylogic.io
www.lemonati.com
liher.com.mx
likepizzas.com.br
lolita.boutique
hidayah-admin.macademy.in
www.manar.dev
mate-geac.hu
www.matters.band
forms.milkymist.com
moatindia.com
www.mycoco.us
naelfliti.xyz
namepilot.ai
www.noqueue.ca
www.onejourneytours.com
openexperiments.jp
www.orbisforwalkers.tokyo
cp5723192383504384.order.place
www.ozbot.si
payasyougointernet.com
link.playsee.co
ads.pmix.net
www.pscloud.dk
psimple.com.ar
quickview.quickintel.com
ilulabus.bookings.ratality.com
showcase.rccsonline.com
ridgeitsolutions.com
www.rlemy.com
seasecret-boattrips.com
shoppal.org
sipherhaus.com
www.smartfoodieapp.com
www.splendid.world
spookydooky.net
subleaf.org
www.theohcode.com
www.tiffinshala.in
app.transcriben.com
home.troglodytesociety.com
link.social-eats.tsunago.asia
www.tweakyourtext.com
tylerbwong.me
www.typescape.io
typescript-rtti.org
www.ubermart.nl
stage.quiz.thrive.uk.com
vbend.co.uk
veramagazine.jp
veteranosbgp.com
visions.fund
vuya.me
salesapp.yantralive.com
zelektekvew.guide
www.zenmagpie.com
preview.zh11.ch
Other domains in certificate