Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=www.growgrades.com
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
October 09, 2025
Valid Until
January 07, 2026
37 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
4A:2A:AA:68:93:9A:90:EB:66:B6:77:08:AB:89:8B:FE:40:09:39:B9:2E:A7:FE:75:B9:BE:E7:B1:CE:CB:21:29
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
auth.snakcity.com
store.180-bh.com
login.3k.nz
www.ajwaservices.ae
reservas.aldeacampestre.com
www.alphawavesystems.com.mx
mur-video-desjardins.anagraph.io
go.aspasiaphilosophy.com
download.au-schein.de
www.b2bflights.com
buroperevodov.org
otodeger.canotomotiv2el.com
links.careerscloud.in
www.joinact.co.il
heeshafoods.co.tz
teacher-ulp.smartstart.com.kh
cn.jerry.com.my
www.damgiagroup.com.vn
reserva-pista-padel.comunidad-vecinos.com
jointhequeue.countdown.co.nz
www.danielareina.me
www.digitaleasy.dev
dmify.pt
pfg.dominos.jo
www.dotnetweekly.com
ducdao.io
eengeart.com
mpreis.backoffice.emporix.com
pwa.fenix.group
filliscoffeeshop.ro
admin.fmnd.com.mx
webapp.geckovisions.com
www.console.genvision.it
www.liverank.genvision.it
dev.georginacope.co.uk
hellozayo.gonuts.ai
www.growgrades.com
wine.hagakuregroup.it
hedefofis.xyz
www.highfitness.co.nz
pasaporte.ilerimplant.com
biz.indiagold.co
link.insidr.trade
www.jervissports.com
jkt-sb.com
link.jrnl.com
a.t.bo.jug.im
sample.kakaotalk.app
karmahunter.app
focalpoint.karmyog21c.in
app.kdrcourier.com
kidd.pro
camperlocatie.kokima.be
kurczmark.hu
capdon.lalita.vn
investors.larva.cloud
lebonwedding.be
github.webhooks.m4m.io
mineralcenter.it
www.monsterbilligt.se
swift-book.natgeo7.com
neod.se
www.nextayah.fr
portal.nithyakrishnacrackers.com
niwa-express.com
www.oguzyildiz.dev
fire-staging.olioex.com
roster.outline.org.nz
outrefair.co.uk
particlehub.org
percussion.ninja
www.event.pointant-app.com
www.qad-dynasys.com
www.respirerpilates.hu
www.sappporoguard.com
demodot.scorce.io
www.shahname.online
shsasa.com
app-api.sigma.trade
staging.silverbackhw.com
share.snoopstar.com
www.sotop5.com
uchicago.sowl.to
demo-capacitor.suvila.ch
bodamejiabeltran.swanmoments.com
bodacornejocanas.swanmoments.net
bodafloresbatres.swanmoments.net
bodamejiachavez.swanmoments.net
quiz-app.szabonorbert.me
thedriftnft.com
vtt.thepineapple.dev
theshoeslucky.com
m.app.time2tri.coach
links.todoempleos.mx
torogalactico.com
forfirebasetesting.trustin.app
www.oceantur.tur.ar
www.ubjective.com
shufl-qa.webenv.io
wlogistics.com.mx
Other domains in certificate