Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=www.fishmarket.ustka.pl
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
November 13, 2025
Valid Until
February 11, 2026
88 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
8B:FD:2C:12:44:3B:44:AA:99:6B:C1:C8:55:F3:BA:49:92:FD:EF:42:CC:17:FA:C4:1F:D4:D7:E0:3B:5E:57:39
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
dev.boletomovil.com
tablonapp2.9930i.com
aiagentmusk.com
www.alliedstrand.com
ambientaldelsud.com.ar
anaromero.es
asprecuperacao.com.br
www.baqalabags.com
barbersfy.com
www.bigbentravels.com
team.boltmovers.com
search.botlogy.com
brokenegglabs.com
chianac.com
members.cloudgineers.com
auto-cross.co.il
www.cvchamp.com
archana.dattadigambara.com
debtkarma.io
syb-universe.dept.co
pnd-i-p.dev-ltl-xpo.com
mobile.dmgpro.com
drdebashish.com
ebmobil.site
v4-web-sdk-staging.gassets.emarsys.com
www.emergencysituationkit.com
esccola.com
adminv2.filokar.com
firedupfitness.com
app.firestoremodeler.com
gtg.geosoft.de
www.getshopay.com
text.globalcloudpbx.com
www.goodstartai.com
intrivo.hamletco.space
hawkwood.dev
head2toes.org
huahcoding.com
www.igor-ganov.com
restaurante.inboxfood.com.br
inverr.com
www.itslearnable.co.za
www.japanesemnemonics.com
www.javierbongiovanni.com
jfm-solutions.com
kamay.dev
www.kasunjayawardhana.com
frcinder.kfiros.dev
www.lakea.games
www.mgfintech.com
www.morttiaittokoski.com
myalphaclass.in
app.neutrinojs.dev
nextvisionapps.com
signnu.nutrilia.es
www.offensivebinds.com
odr.oneday.com
www.ontoegankelijk.nl
ontribute.com
app.popomance.p-e.kr
live.pptvhd36.com
www.preassessme.com.au
pubscribe.dev
homeweather.qkuronekop.dev
rafaelds.com
www.rayganancial.com
promoteur.reevent.ai
www.remoteforslides.com
orders.restoplus.com
rooseveltpark.dev
www.rosenbaumlawfirm.com
www.safetranzactions.com
www.salamsilver.com
s-restaurant.salution.site
sghindi.com
shipx.io
www.sixdaysco.com
soniasurma.day
stagingnexa.com
privacy-policy.stayflock.com
svecvincent.com
app.tcr.club
applink.test-headout.com
tharushawijayabahu.dev
dev.theaurabrand.co
tinvoice.tintash.com
trade-r.com
www.travisburgess.com
www.turtlesturtlesturtles.com
www.tuttovintage.com
ukdealfinder.com
us-link.cloud
www.fishmarket.ustka.pl
vaccinegenie.com
www.vallecleaningco.com
wanderwise-ai.com
www.waterbot.com
whiskay.dev
williamjewellcamps.com
yetanotherapp.dev
Other domains in certificate