Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=link.appraisalgrid.com
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
December 27, 2025
Valid Until
March 27, 2026
73 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
C1:F1:77:DD:A7:0A:FB:90:E9:3F:48:AF:E2:00:67:00:ED:44:62:FF:C7:AE:45:CE:C6:64:4D:47:3B:65:6A:85
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
nirogwellness.com
0xd.jp
3hpartners.com
www.aansit.net
dl.actonica.ru
alfa.adanfarmacia.com
calicut.adfinitas.io
adriandiaz.dev
www.adriandiaz.dev
www.alexandra-propst.at
alexgilbert.co.nz
app.staging.amplisend.com
www.amysadventuresclub.com
answerthequestion.tv
link.appraisalgrid.com
www.admin.arcsmen.com
www.print.arxswift.com
aspieautomator.com
daily.augmity.com
www.backendpulse.com
dresdnerscvolley.deeplinks.bfansports.com
kernzonen.bpww.at
share.carecircle.org
catedralcoffee.com
cetadcontrol.com
app.sharemedia.co.il
shunfa.optimumtech.com.my
cometolighthouse.com
confactura.pe
cyan.red
denisboulanger.ai
www.dianamolinari.com
www.duet.new
planning-poker.eni-eni.com
www.escayolistasmadrid.com
www.dev.estomatolog.com
www.hobbytimewith.me
sa.ihhsfair.com
admin.resourcebank.internationalsnetwork.org
v5.jcxyis.com
www.josiahngu.xyz
www.kappowapps.com
kosinwork.online
www.lgx.fan
lims.ninja
admin.lingualbox.com
ops.demo.listoglobal.com
edu-prog.livingrobot-platform.com
www.logtrack.com.br
www.dev.lynxai.tech
devdocs.trust.miracl.cloud
estadisticas.municipaldemairena.com
www.muxgram.com
admin.napandup.com
dev.negnan.com
nishimura-zeimu.jp
nstuttle.com
odeenesecurity.com
bemmais.omnisaude.app
bemmaisv2.omnisaude.app
careplus.omnisaude.app
conexa.omnisaude.app
doc24.omnisaude.app
emanapay.omnisaude.app
pasi-staging.omnisaude.app
pasi.omnisaude.app
provida-staging.omnisaude.app
provida.omnisaude.app
salvia.omnisaude.app
segurosunimed.omnisaude.app
somapay-staging.omnisaude.app
somapay.omnisaude.app
viventeris.omnisaude.app
opcjet.ma
openroom.co.za
otakiseafoods.co.nz
www.pamokoms.lt
pandionenergy.parkalot.io
penielsinew.com
playbox.zone
pondryhills.com
qanouni.ma
vb.qp.is
widgets.staging.roboflow.com
www.rokas.website
rosemarygratch.org
sabinasialbert.com
shiba888.bet
my.skaal.io
demo-international.snapmentor.no
promo.sonarmuse.org
www.sthokar.com
fpf.ge.sync4edu.dev
bloom.thediners.in
www.theelders.us
quickreco-stage.thepetdoor.net.au
live.ultrastark.ch
valentinaprinz.com
www.whitecodelabs.com
2024.wnslodz.pl
Other domains in certificate