Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=app.zagrajmywmature.pl
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
December 06, 2025
Valid Until
March 06, 2026
48 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
9D:72:D0:AD:76:75:8D:02:99:8D:89:75:C2:A5:53:61:83:E6:42:02:5B:1E:8F:1C:7E:A9:01:8F:68:0B:F5:A2
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
circle2forgiveness.com
sydney.360business.photography
pcman.4patientcare.info
achron.ai
links-fives.acty.com
www.aleks.rocks
alexben.net
web.amgeon.de
cm-connector.apachedigital.io
www.arunabraham.in
www.asconsultancyindia.com
www.bcnweb.es
app.bikeroutes.be
testlink.bladewallet.io
mobilog.console.bringo.me
studio.captego.com
opr.chatterslaundry.co.nz
co-in.life
doc.agent.controldata.co.th
comicaro.id
www.communitycrag.com
admin-dev.services.cortiqahealth.com
cosimarosie.com
credimanager.app
www.dazl.studio
admin-dev.dealpartner.lk
csr.dena.com
www.designori.net
kurssit.diarium.fi
www.digitalpeople.cz
codenames.dkamdar.com
dmccoder.com
dqst.co.za
business.dribo.es
config.duckma.com
www.e-smart.cl
www.electronicscalculator.co.uk
dashboard.eluminatelabs.com
solutions.enkeldigital.com
enlighten-ed.io
www.eternityliving.in
www.experimentalwebpage.com
fembelling.live
incontacto.ferial-e.com
toolkit.fymconsulting.com.pe
www.galaxycolorpets.shop
www.genfixsolutions.com
getredeem.com
dashboard.grouplinknetwork.com
smartretail.grouplinkone.com
www.gulock.ca
haizelai.com
hebdomagazine.com
www.hopetrust-twc.org
assistify.irfanraza.me
www.jewishquarterankara.com
app-staging.jobkantine.de
jpmusic.com.br
service.kinkyer.jp
kinoagricola.fi
canvas-dev.klarway.com
koven.au
www.l-atelier.biz
www.logandevs.com
marinegpt.marineinsight.com
kiosk.martialart.solutions
www.martinwoo.ca
mistertee.de
museums-idf.fr
mvgconstructora.com
links.droom-int.account.nasta.co.jp
newcodesmith.com
register-ui.dev.nortic.io
ntreesoft.com
dev.objex.tech
bayerische.pathadvice.ai
admin.petfoodscan.com
www.pocket-pet.me
www.pribyla.com
dev.raideriai.lt
www.shortcut-remote.riedel.wtf
riggingpmr.com.mx
www.rocaviva.eu
app.shippio.io
merch.shootingblanks.wtf
www.sizechart.app
dev.soco.market
app.soon-universe.com
suddenpeak.com
svashishtha.xyz
tennesseecollectionattorney.net
thousandreams.it
uxcapital.asia
invest.verified.network
vr-cardioexplore.com
flinks.wakeali.jp
woosternaturalfoods.com
nucleus.yektasarioglu.com
go.yhu.me
app.zagrajmywmature.pl
Other domains in certificate