Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=payments.arc.growflow.com
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
October 10, 2025
Valid Until
January 08, 2026
54 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
D3:56:3A:79:6E:8B:D0:7C:90:34:3D:BA:74:D5:BA:48:39:7D:54:74:C1:51:4E:E4:3B:27:12:22:7C:64:96:77
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
www.backwood.design
llg-crm.5loyalty.com
adamkate.com
myadblock.licensing.adblockplus.dev
portal.agilite.io
appzavr.com
ayms.ltd
batjet.it
beaconpointassociates.com
belgonet.com
firebase.auth.bethesomm.com
helpcenter.booster.id
buildingaugmented.com
buraksaraloglu.com
carmenion.ro
chiesadanneale.it
mathquizily.co.in
www.todayescape.co.kr
comc.com.au
dataacademyhmex.com
collaudo.davideaccornero.com
www.designaky.com
studentgathering.egzonhasi.dev
elpatiodesalcedo.com.ar
www.empiredental.mn
fevece.com.br
free-tts.com
match3d.games235.com
santasmagicxmas.games235.com
totemiacursedmarbles.games235.com
www.gdgahmedabad.com
nutrition.me2-prd.gmal.app
workforce.godspeedgroup.ca
goodguysacademy.com
payments.arc.growflow.com
gwgsprockets.com
hbcmusik.com
app.hqhq.ai
storm.infoplaza.nl
ito-funding.com
izwe.io
www.jonathan-ewers.com
lucianodomanico.ch
links.mazalearn.com
meucampeonato.com.br
midlandhealthcare.org
ministry-backend.ministry-apps.de
mississaugabarandgrill.ca
www.mitienditaonlinejuansalvador.com
moayadmgh.com
upload.mrayush.me
login.mystudio.app
ndi.homes
www.needsdone.app
training-admin.netccnone.com
nihaokaiser.menu
joha.nnschramm.de
dev-app.novio.in
app.omninegocios.com.br
oneplayer.ltd
www.parrinos-pizza.com.au
services.pingaarafpo.com
www.pjcoconuts.com
solution.play-haus.co
kool-pak.portal.plenadata.com
prbsolutions.co.uk
rctstudy.jp
reuter-natursteine.de
www.roboflow.run
rouadiminetii.md
checkout.s-hop.be
saakin.ca
saiki.lol
www.seehait.com
solarbytes.io
solidusertest.com
simulator.soppkontroll-app.no
souzaland.com
admin.staging-workhub.site
superboysteve.com
bea.dev.syscake.it
android-support.talkit.pro
www.tdy.digital
www.temiskamingvet.com
tetris.012345.ch
thayliescritora.com
hype.thrivex.io
passwords.labs.tozny.com
transportesfeminas.com
app.truetherapy.me
trylokl.com
tstpilefoundationkerala.in
twid.co
panel.vlivemedia.com
www.waybeetech.com
web3cr.com
willyou.watch
yachtsup.uk
www.yunussaid.com
www.zalzamusic-v2.com
Other domains in certificate