Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=fantaski.aidanjohnston.ca
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
December 05, 2025
Valid Until
March 05, 2026
88 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
26:50:A1:31:C6:64:BF:FF:39:6E:4D:AA:B4:73:48:DB:A7:0D:FD:00:FE:E0:18:7C:A3:EE:DB:FD:8A:A4:26:39
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
www.posix.store
ajax.academytrial.com
www.ad2033.com
fantaski.aidanjohnston.ca
producer.altar.link
ticketcenter.teorema.app.br
cao-lvnl.appdashboard.nl
www.attainate.com
manager.bioutycall.com
bodogeshindan.jp
internal.brodyconsulting.group
www.buscadorsanmiguel.com
caradalp.com
iteration-demo-dev.carto.solutions
watdoejij.citolab.nl
foodhallccs.clau.io
www.cliffreads.co.uk
editor.codeyolo.com
services.collaborative.fm
dapatkomisi.com
dfeverx.com
www.dragonflylearning.com
ezchallenge.easysignage.app
esoft.edu.vn
www.eexit.net
www.eldapilates.com
auth.dev.evertransit.com
app.extendedfamilyhelp.org
www.familydatabase.net
onboarding.fcdevelopment.net
marketstar-ideacloud.forgedx.com
stg.getcalup.com
www.getrealhappy.com
provider.gininow.com
www.glasson.io
koto.dev.goodctzn.com
developers.hades.tech
track.hoefer.dev
auth.hope-inc.page
humancloud.app
industrialpathsolutions.com
javascriptuncle.in
www.jewelverona.com
app.joinpalette.com
www.jtknox.me
www.jtms.app
app.karinhus.pt
admin.khybervp.com
qaenvcloud.lappso.com
mailmonkey.logicwind.com
madmoney.app
www.makvikfinance.com
manuela-bellydance.ch
massagemembersettlement.com
6zsfhrwlwms.milivesystem.jp
monitoro.xyz
moon-engine.net
mygamelibrary.net
distributor.mytrellis.com
app.nftlegends.tech
ng-de.org
www.nhakaafrikanworldview.org
www.niftychars.com
setup.numa.com
nutfunc.com
acivaxconsentwebqa.onymos.com
portal.zofim.org.il
patharewadi.com
new.pay-karo.com
www.pedro-varela.com
www.polosgym.com
dev.pomelo.io
quickchatz.com
rabgroup.in
raylam-tennis.com
www.redz.com.br
www.rhythmiq.app
rolliponiz.it
s3tint.com
www.sadeinnovations.com
www.selector.io
www.shaqfu.com
www.sosbinario.com.br
www.sourcebrewery.com
dboard.ssa.group
strategiclifeblueprint.com
subspot.dev
uninstall-survey.tab-suspender.com
www.targetedthreats.net
www.portfolio.terry1213.com
eat.thegoodstuff.my
www.tizgonzalez.com
tokiqil.com
tuantudo.com
turtleiptrust.com
vayuway.in
dealer-test.vesselviewmobile.net
app.viboapp.com
login.vimopay.in
fireshots.xcess.cloud
Other domains in certificate