Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=winery-management.grapeweb.com.au
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
October 30, 2025
Valid Until
January 28, 2026
74 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
E3:4E:99:91:51:FD:0A:5D:97:B2:BB:32:37:76:EF:43:89:C9:00:7A:0D:BC:68:26:EA:16:99:83:46:F2:12:87
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
www.salonjosie.com
hon-sceneconfigurator.3dcloud.io
againsteverything.com.mx
aipp.jp
app-dev.airsurvey.it
www.amokal.com
gestion.ampeca.org
app.amplifique.me
anridecollo.com
bediag.com
staging-admin.bizmate2u.com
ooh-advertising-dev.carto.solutions
crox-public.chklab.com
marksolutions.co.in
www.monkeymoon.co.in
line.wl333.co.th
cafe-v.jrgroup.com.sg
wylix.com.tr
csmanjunathip.in
www.dasoban.com
app.digitalautomation.com.br
auth.elmsaviation.co.uk
empireenergies.in
ethiogamers.store
www.f2p.tv
finitel.rs
forge.report
gaetanoracioppa.com
gishub.com.au
pay.basistheory.gr4vy.app
winery-management.grapeweb.com.au
www.gusurban.com
carni.healthium.one
get.hoam.tech
indigenousartsfoundation.org
infrag.org
jarovid.com
kamyar.io
entry.kurumaisu-marathon.com
labibliotecacafe.com.ar
admin.learndot.online
lipeportfolio.com.br
liquidhotmagma.rocks
madurai.me
masivo.tech
www.mathquizily.dk
mincrea.nl
ministerievancreativiteit.com
www.momend.com
recipe.myrealfood.app
www.myrealfood.plus
www.n8n.expert
www.ngelbond.com
www.nofriction.io
nota-bene.group
oops.vip
link.opreromasrbija.rs
animestream.oussamaferchichi.com
chat.pglux.com
analytics.phishar.com
app.dev.owner.pocketpost.life
my.poliveautennis.com
city-express.project-lithium.com
purgatoo.online
circletimer.qap.red
app.revibe.lat
link-test.safeguardapp.nl
auth.salesconvention2025.it
retrospective.scrum-tips.com
shocat.app
skcdevelopers.in
skkudramaclub.kr
sky-7.co.uk
speak-buddy.com
avalon.spiders.fun
www.stgermainsanta.com
www.studybuddy.cz
sustenergo.com
www.tall.tw
www.tapioca-maps.com
dev.app.thelinehauler.com
authentication.trunk-staging.io
sp.admin.twaddan.com
u-mateadmin.com
admision.vab.pe
admin-area.vasdepunjabi.com
vecindiario.org
veltrixexim.com
www.vendi.ly
onelink.vill.vn
imgupper.web.id
webbyapps.io
www.wecovr.com
fizzypeach.wildapplications.com
www.wilsonwid.com
dev-middleware-frontend.wisperisp.com
dev-serviceability.wisperisp.com
middleware-frontend.wisperisp.com
zielstudienkolleg.ru
zylmaison.com
Other domains in certificate