Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=www.graymarket.ch
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
December 05, 2025
Valid Until
March 05, 2026
84 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
A0:5D:A4:43:8E:B7:70:D4:24:5E:B8:09:DB:A9:05:93:00:AF:65:37:17:8A:E4:21:66:72:DB:EC:6A:C9:34:E8
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
tedxathens.yodelit.co
tedxgriffith.yodelit.co
tedxmelbourne.yodelit.co
staging.api.linkafrica.28east.co.za
application.advanda.app
advprofitcalculator.com
admin.akadevo.com
akaritakada.com
albumatii.com
alexandre-paradis.com
altcoinportfoliomanagement.com
www.altermi.org
anthonypalicea.com
www.aot.lk
www.apenrots.info
www.appointia.com.ar
xira.apxor.com
archart.ch
arenarpa.com
www.automaisbh.com.br
spesen.axa.ch
www.b-52.be
test.bakestudio.in
bakmet.pl
baninzi.com
campionissimo.nl
app.careerpower.in
app.caricami.it
chied.info
maker.coinquoter.com
app.identityproofing.coltonwilliams.net
app.continyoucare.com
montagna2000.controltag.it
link.dea-service.com
dashboard.dmify.pt
share.domobile.com
www.dryg.net
elarteacuchillo.es
elcamino.cloud
entrust-assessment.org
eveindustryplanner.com
www.goholycrossclinics.com
www.graymarket.ch
peasant.greatbarrel.com
www.greenkleenoman.com
www.guide2sarajevo.com
haurakiroofpainting.co.nz
hippr.org
account.homehub.site
llm.hub9.io
www.inigodelportillo.com
app-staging.web.innotactsoftware.com
demo.platform.ishealth.app
www.itsmi.store
www.keighly.ca
www.khazanaproperties.com
www.latabisca.it
broadcast.live.inc
www.makingarchitects.com
www.matrixprog.com
washers.misterlavaggio.com
www.mountainmist.in
mxmalykhin.com
www.naturalisation.live
batteki-staging.neopa.jp
nextops.io
nourlawyer.com
www.pasticceriamela.it
www.pornotvyhodedy.cz
blog.puur-eva.be
radiogen.io
www.randomideastore.com
sprint.rv.ua
www.sandblad.com
selector.io
singinglessonssheffield.com
www.smalltalk.kr
sortis.blaze.solerabank.io
italy.solomonschariot.com
starmandala.com
mystorypoint.studiocloud.dev
testapis.suhaib.in
dev-fm-generic-kiosk.supersonic-fm.com
www.tailor-code.com.ar
tbint.com
teodorstoev.com
perceelwijzer.acc.thenextapp.dev
passwordreset.tieredtech.com
trainingshoes.turnosweb.app
tutaxi.com.co
ultimatebeta.app
www.urbantechconnect.com.br
www.viv.dev
voh.ro
app.vomtuerken.de
advent.vpbank.com
qrkiosk.washere.app
whitesand.biz
workteen.org
www.wrkcmp.com
Other domains in certificate