Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=www.gkpmc.com
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
November 26, 2025
Valid Until
February 24, 2026
84 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
D2:C7:C1:6E:6C:9D:0B:BF:36:41:9A:AC:D1:65:0C:10:64:16:87:D2:33:AF:D2:C3:DE:C7:3A:B5:B6:06:16:3E
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
link.prayermatch.org
2ndwavewasteservices.com
www.adwokatbenc.com
ajwillmot.co.za
alexfriedman.tech
caixa.tanamao.app.br
ardeche-encheres.com
astrocom.space
www.encasa.baumlanus.com.ar
www.benfencap.com
birsbirtok.com
bit-fog.com
www.brainchild.sg
bricksgta.ca
britta-meinke.de
www.calebsmith.site
bulletins.churchstreamer.org
app.cluehub.io
attendance.lmn.co.ke
www.codecenter.ro
colorexpander.com
educonvert.conversimple.com
propcall.conversimple.com
journal.coolcold.co.uk
core-mall.net
countryviewestates.org
prayteam.creat1324.com
transcribe.creativechange.us
staging.callcenter.crisalyde.info
e.deva.sa
devnews.buzz
doo.monster
www.drakensol.com
shop.dw-services.de
easycompany.cc
el-gato-encerrado.com
ethereallab.app
expeditelaw.co.uk
fasublimacoes.shop
card.finaleoutdoor.com
fortydegreewaters.com
app.staging.futmondo.com
georgashomes.gr
geoz.ai
www.gkpmc.com
contable.grb.uy
greybak.dev
staging.halpfestival.sk
harwoodbeautyspa.ca
headphones.nl
app.hirelogic.co.uk
www.hllawyers.com.co
www.isishuerga.com
www.j-li.org
www.jueunedu.com
link.kondo-kougei.co.jp
www.la-savore.de
lafi.cl
lareposteriadetuttymx.com
teacher.lessontime.co.uk
millionaires-library.ru
neuralilux.com.br
app.nextrain.co.uk
qws.nineeightynine.com
link.ormar.app
pomoc-drogowa.ostrowiec.pl
chronos.paradowski.site
dev.paralam.ca
penguinartists.com
gestores.peterbox.com.br
www.phyxsi.us
www.pigeonquest.com
admin.pontuax.com.br
practicalweb.co.uk
m.pro-dic.jp
proteum.digital
pukloo.fun
fgvtn.hom.quantumrfid.com
www.quervaler.com.br
app.quizzme.nl
www.radon.ge
app2-stage.raveretailer.com
www.royvanlangen.nl
www.rtredes.com.br
santengenharia.com.br
www.shampagne-cellar.dev
www.shopmyinfluence.fr
www.smartautismbarta.org
smile-award.net
juego.somosmelo.co
app.steprevision.com
www.sucu.no
www.superfluid.io
www.thercc.us
social.tigweb.org
conectavoz.tur.br
app.voteril.com
www.waitapp.in
wietsevenema.eu
www.workwireless.net
Other domains in certificate