Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=www.grandfalcon.com
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
November 16, 2025
Valid Until
February 14, 2026
88 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
3F:B5:07:47:A3:5E:0D:9B:3A:75:8A:FD:BD:2C:DB:E6:03:E7:2F:2E:43:51:45:71:29:96:66:D6:93:53:00:8E
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
www.tiratom.com
dev.emailvalidation.14west.us
www.abrahanfer.me
stg-red-radar.airasia.com
hrz.beaconforce.com
club.app.bestathletes.co
aplicativo.biofamed.com.br
www.bitworks-engineering.co.uk
booksecurity.net
links.brandwallet.in
businesslogic2.dev
www.chatxbuy.com
control.cittyo.com
ais-backoffice.blueparking.co.th
coven.games
app.curiositynavigator.com
belnord.teaser-demo.dbox.com
dear-tummycampaign.com
deltaquestoes.com
dhakalroshan.com
docs.docubat.app
docubat.app
sachtoan4-bt-old.sachso.edu.vn
tiengviet4-old.sachso.edu.vn
www.eloquentlanguage.app
www.excelmaths.com.au
exekucepodlejmenazdarma.cz
qa-wrh-portal.exitest.com
www.exphub.in
www.fisheye.watch
flametask.com
fishbowl.flow.club
www.giandliver.org
www.grandfalcon.com
www.gslove.xyz
auth.prod.haikeix.com
hornbach-baustoff-union.de
login.dev.huddleuplearning.com
su.huiosministry.com
mobile.iblflexitank.com
imtpaveexpress.com
www.jjanaya.net
capital-cities.jjgray.me
beta.joinsalut.com
kaizencapitalllc.com
a.kotai-bio.com
kp-safetyapp.com
kumikorin.com
forms.ladystartup.com
latinwings.com
leenbraeckman.com
lithym.com
littleroomvideo.com
www.logosgumruk.com
pay.lopay.com
m4ttarnold.com
marroquinbarber.com
my.mastermindjam.com
www.medul.dev
www.meitoanswer.net
mynameisspit.com
nachteck-dresden.de
nawaman.net
pic-tfd.mentor-stage.neccton.com
neverbenbetter.com
nikhilahuja.xyz
obaobidoyin.xyz
www.occser.com
docs.oxushr.xyz
link.pckt.host
pinchos.planck.biz
playwardle.com
ersa.qfix.ai
www.quattrol365.com
rupeoinrc.com
saferonline.co
schaferfilemanagement.com
ad.shuudan.com
silentbiplane.com
skillsconsulting.cl
sommersprosse.net
www.studiooffdownton.com
subrkit.com
konan-xr-demo.w.suichu.net
s-join.superintent.ai
stage.thenexigent.com
thewanderersin.us
verify.threadloom.com
wakefern.toborprocess.com
traveltogether.app
www.truelogisticinc.com
universelab.kr
upstateexotics716.com
voiceoffer.ai
www.xafarx.com
devslink.xcaldata.com
yero.academy
zacherl.dev
zarlight.de
zergiocunha.com
Other domains in certificate