Open
Cached
·
just now
80/100
SECURITY SCORE
Certificate Information
Subject
CN=backchodi.sanjaygangwar.dev
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
November 11, 2025
Valid Until
February 09, 2026
89 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
82:C5:A4:5F:E0:5D:D5:2E:B1:B0:47:8B:60:7F:8E:AC:E2:71:2E:0C:13:F6:D8:74:9D:CA:43:77:55:AE:04:8F
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Basic
connect-src; script-src; font-src
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Improve CSP by adding more specific directives and removing 'unsafe-inline'
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
pay.blackbaud.gr4vy.app
pay.grammarly.gr4vy.app
pay.partners.gr4vy.app
pay.partners2.gr4vy.app
pay.paysafe.gr4vy.app
0935871569.sodientu.com
app.akstotal.dk
alaminplus.com
ankalesh.com
link.rease.appetiserdev.tech
appliedui.com
artjam.app
auvibado.com
barrybishop.com
be-lingual.com
pickup.birkie.com
www.blazeweb3.com
bodarauljael.com
bubocat.xyz
byjmn.fr
chumangoplus.com
cliff.chat
contractorsworcesterma.com
ctae.xyz
daorigins.com
dd.digital
www.digimirra.com
dongseok-park.kr
dambrete-test.draxogames.com
easwares.com
www.easyfarming.org
www.edensblessing.com
riddlering.ekamapps.com
mental-sleep-sdm.elservice.cc
powerbank-agent-test.energic.sa
rajain.epassikuva.fi
program.erickduran.com
www.focuso.app
fysiosense.dk
app.getscaper.com
www.gimmegimme.gifts
goranjovanov.com
www.hectoware.com
www.houseofhopecenterofcare.com
iiot.cl
dev.infohub.jp
just-ec.shop
kerry-mo.com
help.kompass.de
go-staging.kynetik.com
go.kynetik.com
lakshya-tech.com
www.laughmask.com
lawidi.com
lestar.sg
lumiapps.net
lusciouslymade.com
makkalmarundhagam.com
med2doc.com
minmaxxing.com
manage.mountbellglobal.com
mrpowell.dev
mylevelup.io
quotes.nikmoores.com
www.nyuuly.com
obidhonyi.com
opusoft.fr
fed.sase.paloaltonetworks.us
www.paycloudafrica.com
plfgames.com
qrafty.io
protectwithbear.rtbnow.us
sagarshabbir.com
backchodi.sanjaygangwar.dev
sat-liteni.com
staging.admin.seekpeace.io
ariyalur.selvitravels.in
tiruppur.selvitravels.in
trichy.selvitravels.in
shanakaprageeth.com
smartexaminerai.com
www.sohambutala.com
sorcery.one
spellblaze.com
stop-it-app.com
straviq.com
link.tasstudio.in
theionstudios.com
tradercito.com
www.tradercito.com
ubicographics.com
dev.valueguest.com
vexonstudios.site
www.victorspringer.com
victorvaz.com
victorvaz.dev
engage.cja-collections.voyagernetz.us
engage.imbuyiso.voyagernetz.us
whattimedoeswhattimedoesthesuperbowlstart.com
assistant-scheduler.wink.codes
Other domains in certificate