Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=www.gertjan.com
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
December 27, 2025
Valid Until
March 27, 2026
89 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
7E:58:7E:A0:44:CD:C3:13:F5:C1:54:D4:45:8D:08:67:30:58:A5:B5:E0:D1:D4:A3:15:BA:34:9E:E0:E0:7A:AA
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
admin.onetrade.in
www.1movechess.com
2020.ngvikings.org
pr.accv.ca
jungesadvocacia.adv.br
v9.angular.io
www.arabianmarineexports.com
attenqr.archedstudio.org
archive-ism.com
www.arditobirraio.it
download.bankaks.com
bearcode.co.jp
www.bearcode.co.jp
app.bellegueule.fr
beregnrentersrente.dk
data.berimal.pl
www.blumemethod.com
bokarent.se
go.cashrich.com
gratitud.clau.io
app.cleansphere.online
longdong.climbio.org
clokio.com.br
unno254.co.ke
panel.meka-tech.com.tr
www.crosbois.com
www.crowworks.kr
exp.curae.jp
www.daju.surf
dev.debate.hu
www.debate.hu
draftacv.com
www.draftacv.com
cashflow.dynamicflowit.com
eatwelltobewell.ca
tavla.en-tur.no
finopsy.me
gdj4.foodle.su
www.gertjan.com
app.ghasl.co
www.ghasl.co
gso.pt
share.hatto.vn
cms.immv.ca
joinajax.ca
jumworks.com
order.kaiayurved.com
www.labquestdiagnostics.com
wunschkreis.lachisch.com
dev.ledo-tech.com
ocs2se-dev-l-pocket.lixil.co.jp
lsy-support.kr
mahmutsahin.site
demo-gym.mantra-wellness.mx
maplequant.net
www.medik-dom.fr
www.modeloguess.cl
map.mondayclub.io
www.msasoftwares.com.br
connect.neurox.solutions
ninhandholly.com
howto.omega-inc.co
links.oneofus.it
icctes-rio.org.br
notes.packerlabs.com
pinnacle-tech.co.za
piscinasbuga.com
home-skul.pngfe.org
apexwealth.portfoliolink.co.za
send.dnktest.pp.ua
support.qos.tech
w.quesmatic.com
www.rcsldh.org
re-upholstery.com.au
www.rons-props.com
www.rotaractportotorres.it
ryanterrazzo.ie
www.portal.rzlaw.id
legales.saferentals.app
sga.salonwaala.in
sealedprediction.com
seedz.shop
scan-stage.sensehawk.com
www.shelleyeverett.co.uk
colours.simonward.uk
skaiwalker.io
snconventschool.com
txduyenhai.ebot.stedu.vn
sweepcode.com
www.talissaodia.com.br
www.thegirish.in
www.tio-gt.com
tur-qua.com
pay.untied.io
veldarr.com
www.veldarr.com
sales.veritas.eco
vinnpresentkort.se
dev-otp.xlscout.ai
displaytools.ziyucao.com
Other domains in certificate