Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=jasperhs.gradgrid.org
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
December 21, 2025
Valid Until
March 21, 2026
86 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
16:A9:94:14:E3:0A:02:99:2B:7B:E1:0C:42:B6:92:0D:31:BD:5E:3B:BE:A0:6C:27:30:6A:31:DF:ED:80:6A:30
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
appenginemigration.com
www.acadya.com.mx
aceplumbingboise.com
cissp.almobdioon.com
link.alttpr.com
studioz.appshare.com.br
v1.azzle.com
www.ballerhill.com
app-preprod.bigmarkets.com
www.brbranch.biz
kinujo-link.c2sg.asia
calculatecreator.com
cardamum.ca
admin.cheart.io
www.christinewitcher.com
www.chronomizer.app
adobe-cloud-store-dashboard.comline.app
conseqta.com
www.darxx830.com
www.dgmads.net
blossom.dsinstruments.fr
edusystem.co.za
jissen-7002c.elvn.tokyo
www.ervateiracristalina.com
move.evanddes.com
eventshook.com
www.fame-it.net
link.feedsfeedsfeeds.com
fb.fivedottwelve.com
flickergpt.com
flickersoft.com
mus.frailleaves.com
www.fre-studios.com
galleon.so
www.ganitam.app
www.gbeuphone.de
geniusfixers.net
l.genosur.com
www.givinglifecpr.com
jasperhs.gradgrid.org
hackinglinuxexposed.com
recursera.hhbox.es
dwella.hiresome.ai
mangarel.hnishi.com
home-organizer.pl
honourourlovedones.com
ai.husori.com
ilkerkeles.com
www.servicity.in.ua
ingwar.ru
www.inspirationalcare.com.au
mail.intercreativo.com
www.itcloud.services
jorisvriezen.nl
where.kabirgogia.com
cubes.kadamclasses.com
kevincklo.com
kingedwardsociety.com
www.klima-buddy.de
kreditering.no
luisrangelc.com
cms.m1studio.co
www.maverickcreate.com
www.api.mergenetu.ro
mesbro-opinion.mesbro.in
mocroc.com
modestar.com
mykaze.org
www.neverastray.com
www.norkin.org
cuddalore.onewaydroptaxi.co
krishnagiri.onewaydroptaxi.co
ramanathapuram.onewaydroptaxi.co
salem.onewaydroptaxi.co
tirupati.onewaydroptaxi.co
www.ozzom.in
www.panorama.digital
pethereum.io
projetecgroup.com.br
racetime.app
vm.us.raven.live
connect-ng-claims.rxoconnectperf.rxo.com
www.ryanholste.in
salmona.org
santosh.app
www.screenserve.net
www.skillikz.co.uk
dev.proxy.sokuyaku.jp
labs-office.spont.cash
semadashboarduat.talktosema.org
web.turbowallet.app
preview.variable.app
www.vidatrilegal.com.br
voidark.net
www.waveloop.net
www.wethu.africa
www.wiforward.co.za
dashboard.wingside.ng
contractor.ru.wow-dev.org
www.youreagenital.com
Other domains in certificate