Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=gra.episkorzow.pl
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
October 14, 2025
Valid Until
January 12, 2026
56 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
6F:5E:30:A9:29:34:15:7E:81:C2:58:14:FC:FC:55:1F:C3:BF:39:A0:E6:6E:E0:B6:B3:CB:C8:66:CC:B6:13:A0
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
zacklukem.com
2etris.com
admin.tcsports.staging.abccopy.co
proyek.additonks.id
www.aireservices.net
www.aironesuspension.com
crackify-paste.alledotech.in
fitness.amanisalim.de
www.ocorrencias.app.br
austin-high.com
ors.balajibpa.com
basalitech.org
test.metrics.bcregistry.gov.bc.ca
cardia.uy
uzd-polczyn.kuracjusz.com.pl
agroapp.com.uy
pedidos-back.data.com.uy
aperitap.contactmediahub.eu
legacy.costflow.io
cosymice.com
handle-support.djtechware.com
doloressantander.com
app.dossardeur.com
auth.downfour.fun
drbhatticlinic.com
esca.einargs.com
eparichay.in
gra.episkorzow.pl
pedrama2024.escolademontanha.com
ewetechnology.com
dev.faabul.com
comprovante.flitapp.com.br
fluidstorm.com
gcptester.com
prod-blog-origin.gohenry.com
guitarlessonsbath.com
samchat.gyakhoe.com
helloshelfy.de
profile.hocgi.vn
beta.howmanyfuckingswipesshouldihave.com
stack22.informacast.app
inmobiliariagrupoxalka.com
app.inviewer.io
www.jacobfields.dev
jsconverter.com
kaizenprospecting.com
www.kamraman.com
kellyandbenwedding.com
a.kmpr.in
www.leandroap.com
learnprogo.com
linecomma.com
luvaepena.com
lyraleap.com
www.manami-ueda.com
masahiroike.com
meetuapp.eu
mepcad.com
mountainsidebuildersvt.com
qa.myagentspro.com
charge-wifi.nabehide.com
ninety-23.dev
www.osparis.com
hq.pack339.fun
palacerestaurant.fi
app.pidra.ph
en.opendata.plastic.research.pirika.app
baegjubu.ponorder.kr
stg.park-jihoon.re2fe.com
www.rentalplicity.com
www.replay-mystery.net
retailcrm.cloud
www.riseup.lu
www.robotics.seedtechnologiesllc.com
www.simamat.id
siponads.in
www.skvermile.com
www.smart-crop.com
app.snowfox.ai
speedlanguages.co.uk
new.steampunk.digital
etiqueta.superfrete.com
www.surffitapp.com
app.swaiver.com
tanmoykarmakar.in
thesriramdevelopers.in
www.tiberiomalaiu.com
tntr.app
authlink.stg.common.tokyu.co.jp
admin-staging.totalymage.com
www.umerevo.com
www.vaanisaifm.com
recipe.varage.eu
vitalprint.vidhema.com
www.viennamoving.at
voeart.net
freshvoice-webinar-admin-dev.workshop-live.com
yashprints.in
podstatus.youngrobot.com
client.yourdocket.com
Other domains in certificate