Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=www.sweetera.de
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
October 20, 2025
Valid Until
January 18, 2026
43 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
5A:AE:31:27:C1:3E:63:62:E3:0C:24:A1:57:BF:45:3C:D5:82:1A:13:B6:9E:E4:FD:42:72:AE:38:3D:54:FD:68
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
beta2.partner.orendafinserv.com
afiewura.com
cells.appnho.com
www.audriusraso.lt
hire.auzmor.com
www.axs.network
baballouk.com
barcodecam.com
bettool.dev
snippets.borogove.app
boucherie-barneoud.fr
bridgity.com
brusadellicostruzioni.com
app.dev.bystro.cr
caddiecalftool.com
cpo.cariqa.com
www.casaloretospa.com
promo.chedraui.com.mx
clients.chefgo.app
www.christophergomez.dev
www.co3productions.com
codecraftedphysics.com
cicumikuji.codeful.dev
dentcoach.ai
dodoreviews.com
drsrikanthurologist.com
xv3scwsghfh.easyapp.co
gj.edcliente.com.br
endyai.com
everestmetalcoating.com
www.sapphire.fastsigns.com
app.fatexfi.io
link-dyn.fielmann.ch
www.floppytherobot.com
titan.fomo-tv.com
www.g2o.si
www.en.gda.sa
www.getallium.com
griffingames.com
potol.haco.tw
www.heritage-movingandstorage.com
thuoclapcuc.huyenkhongtamnguyen.com
www.imio.app
applink.jayco.com
www.johanabelson.com
www.johnwise.dev
www.dev-clientes.k-9apps.com
www.koral.ai
kurr.dev
test.mca.leanera.work
leonstier.com
libora.co
list5.app
dia.loyal.guru
www.mchristianstanley.com
me2wind.me2soft.com
www.miguelaenlle.com
moduminting.com
teacher.exam.mylearned.com
mywillful.com
navatar.live
www.niblets.io
www.onemeweb.com
food.onroad.app
download.outfun.app
owqlo.com
digital-menu.toddenglish.paymytable.com
perfumelab.com.br
www.pixley.app
quotationwizard.produvar.com
campaign-entry.promille.jp
psychoterapia-wojciechowska.pl
api.staging.reach4help.org
www.renaultenergia.com.br
rydan.dev
saltyfloral.com
selidrissi.com
engineroom.shotwot.com
www.sifty52.eu
www.smarthomecompared.com
www.sparkup.uk
www.squishonsol.xyz
dev.stapchallenge.nl
sterba.tech
stmtok.com
www.storybook-treasures.cc
www.sweetera.de
padgett2.tallyfor.com
download.tarteel.io
themeetingplaceonroosevelt.com
www.themeparklive.com
theoakmeadowspetresort.ca
www.tonyandjimsplace.com
www.union-bauzentrum-hornbach.de
www.utah-directions.com
vizij.ai
voleijam.cat
votei.app
whichsandwich.com
app.kosherstgapi.ycproduction1.com
Other domains in certificate