Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=bestellen.thessaloniki-herne.de
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
September 30, 2025
Valid Until
December 29, 2025
48 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
02:AD:3C:1A:15:5A:09:F6:C7:08:E1:13:93:47:97:A5:9D:3B:97:F1:C7:E7:6A:CA:4C:B7:61:0F:F7:9A:A6:E4
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
courageagabi.com
www.3bi.tech
www.4bytes.in
ahanu.ai
www.alrmoozsa.com
alpha.arcadegalaxy.space
www.milka-fr.asiadigitalhub.net
bankruptcyfeereview.com
readers.beingndoing.info
acajaccio.deeplinks.bfansports.com
boatymcartspace.co.uk
admin.borne-candela.fr
www.brennerd.com
www.cashengbung.org
sevis.cashex.app
casinomatrix.ee
chanyuntea.com
www.chi2create.com
chiccue.com
d.cl8.io
www.nawabii.co.in
www.omkarjadhav.co.in
flowalpha.co.th
link.botcity.com.do
invite.comobi.io
covidb.org
www.dacecia.com
debjyotiacharjee.com
dehairasilva.com
www.deintattoo.ch
www.discgolf.media
preview.donatemyanmar.com
www.dongchankim.io
doutoracompanha.com.br
d1-mydeliveries.dpdlocal.co.uk
www.e-craft.io
www.eazealliance.in
auth.google.eitvplay.com.br
emersonvicunadds.com
www.ethergalaxy.net
demo.g17.eco
www.gameralm.at
dev.app.genealogydirect.net
www.giftnft.app
greatgamesstudios.com
www.guavaberryrealestate.com
kiosk.harba.co
www.heki.io
cm.hiddenslate.net
www.hotilio.es
japan.imacoco.world
ine.24.computosonora.com
instavocab.com
keeponroaming.co.uk
kerativ.al
kodapay.ng
gpg.l3x.in
laamannjohann.es
www.lakshmi-enterprises.in
legacyguidetour.com
lennoxinvestments.nl
lessonkeeper.app
www.logicaljupiter.eu
referral.qa.m00eks.org
macademy.macademy.in
dev.menucloud.io
tribial.milumino.app
www.mitsuwa-off.jp
mkbservicedesk.nl
www.molxr.org
portfolio.nicolasloisy.fr
www.pagcomanda.com.br
patolar.com
create.pickaxe.media
app.picturelive.org
playfair.studio
app.posy.io
www.pranav.show
admin.rakuco.app
resaleradar.co.uk
agilemapper.staging.roadbotics.com
doctors.mysore.servicemall.in
realestate.us.servicemall24.com
cardiffvaletutors.snapmentor.no
suramed.co.za
tanseyelectrical.co.nz
drivers.taxigo.cc
www.testrs.app
education.theideaproject.org
bestellen.thessaloniki-herne.de
app.tracis.io
traveld.app
classmanager.trelson.com
unilalugueis.com
www.unilalugueis.com
www.uptportal.com
manager.dev.urltv.tv
viscosync.xyz
conference-finder.wishtack.io
www.workease.io
Other domains in certificate