DNS Gurus
Open Cached · just now
80/100 SECURITY SCORE

Certificate Information

Subject
CN=wirkaufendeine-kueche.de
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
October 08, 2025
Valid Until
January 06, 2026 44 days
Public Key
RSA 2048 bit Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
02:31:3C:86:A2:7A:62:85:B4:F0:D9:AB:5E:5D:47:F1:0C:D0:3D:ED:7C:07:1E:B6:7F:61:95:52:E5:70:4D:08
Alternative Names
100 domains

Security Configuration

TLS Protocols
TLS 1.2 TLS 1.3
Forward Secrecy
Supported (Modern clients use PFS)

HTTP Security Headers

Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
  • Increase HSTS max-age to at least 1 year and add includeSubDomains
  • Add Content-Security-Policy header to prevent XSS attacks
  • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
  • Add X-Content-Type-Options: nosniff
  • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
  • Consider adding Permissions-Policy to control browser features

CAA Records (Certificate Authority Authorization)

CAA Records
Configured (Restricts certificate issuance)
Current Issuer
Authorized (Matches CAA policy)
Authorized CAs
pki.goog digicert.com ; account=d55e1707fe59cbbcecc371e9b7ddadbdaf2e3ccbb4bac1f5ae6a686a8e26f25f letsencrypt.org
Incident Reporting
Recommendations
  • Consider using critical flag (flags=128) for stricter CAA enforcement
  • Consider adding 'issuewild' records to control wildcard certificate issuance

Subject Alternative Names

100 domains
costallc-s.dev-ltl-xpo.com

Other domains in certificate

www.18dental.com
app-uat.aathisoft.com
aceapp.com.br
adjaythakoerdien.com
pj-dev.adssets.com
www.alcomplex.com
id.demo.apli.app
blog.apollustech.com
www.autolyz.com
www.bartweb.cz
bestellen.bitboulevard-gummersbach.de
ordena.bravapizzayespuma.com
bypak.net
aydinal.cammetalapp.com
www.capassotech.com
www.cloudstud-app.com
www.e-arch.com.pk
s.conwasteapp.com
judge.cxia.ie
gen.daamtu.com
www.darwinpoblete.cl
www.denblauwentutter.be
remote-play.dixper.gg
www.eijapalosuo.com
app.enerly.de
app.enypage.com
examensvoormakelaars.nl
www.firstvillageva.com
www.forfeeder.in
www1.gabrielsouza.top
www.gardencitycarpentry.com
devfest21.gdgsxb.fr
graphers.jp
app.haodiscount.com
haydenvac.com
tupromedio.ifcastaneda.cl
www.ipgip.co.za
portal.islacare.co.uk
jangubuzz.com
staging.jedibrain.com
jonbabenow.live
jstaniraresort.in
karoshi.io
link.kijijiautos.ca
adminsite.kingcrackers.in
klikkie.fr
nappn.kognitivet.se
api.learnpod.io
staging.librums.com
staging.lineararquitetura.com.br
lionsgym.online
www.loihitech.com
tasky.mackeypaulsen.com
www.mattlantin.com
meraline.com
mereaux.family
www.myhumblestory.com
b.nflo.at
www.nickit.se
www.niiodenkey.com
www.nomeravto.com
plataforma.nutrier.com.br
dugun.onurluseyler.com
otavankruunu.fi
beta.pathadvice.at
comera.pekoapp.com
heel2toe.physiobiometrics.com
www.plot2plot.com
dr.pmjmp.org
pranjalmishra.dev
l.prepp.in
primovisionmedia.com
purin.ca
radiochardikalausa.com
reinscom.com
reskillamericans.org
portal-staging.s3ntin3l.com
www.showfocus.in
r67ybhjokobv6rso9tyg.smartimob.io
snowtreecreative.com
socialidentity.in
solmazandkasra.com
tvf.spwn.jp
stickyjamz.com
mms.syncgoods.com
tape.link
www.taxi-barraux.com
team-alfonsino.com
business.teamflamingo.com
techyaditya.com
theblackbird.in
vendor.beta.thegiftery.nz
thejwaygroup.com
yolocats.tinkr.fun
titanwolfsec.com
post.truckit.uz
vidcreato.in
wirkaufendeine-kueche.de
zestlife.zestmoney.in