Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=embed.picky.recipes
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
October 06, 2025
Valid Until
January 04, 2026
47 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
38:2B:EB:C5:7B:AF:81:59:42:FA:74:A2:6B:76:6B:D5:5D:06:EF:A0:BD:74:87:7C:4D:62:6B:A0:7D:2E:84:EF
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
kamytech.com
abnerpena.com
www.adrianjost.dev
events.almeersereddingsbrigade.nl
www.learngcp.andrewdo.cloud
www.antonalbitskiy.com
www.antoniadibello.it
at-infinity.com
atea.institute
www.bikepowergauge.com
www.binkertlaw.com
www.cam-resp.com
chatmurcianys.com
clarityapp.in
clothescarefulham.co.uk
moca.co.in
coop2.grobox.co.ke
startkorea.co.kr
developer.codebase.mx
portal.staging.crilabs.net
cybershit.de
dlkanth.dev
images.dnwplatform.com
customershipping-d1.dpduk.dev
quizsapfi.edmar.dev
cards.emg.fm
appfc.ferreiracosta.com
ims.finncub.com
rinkeby.fluidlabs.xyz
www.fullmetajackal.com
www.funmeee.com
sacramento.g2canal.com.br
getbrb.com
unsubscribe.headstrt.com
my.heedsource.com
indecision.holdenmonroe.com
www.hypervr.games
www.kikenyatours.com
krfn.co.jp
emnlp-demo.editor.langsmith.co.jp
linfieldstables.com
opendatadev.londonhydro.com
macroalgasperu.com
sb.magmic.com
www.mako.io
mcalesterdds.com
mealgroove.com
l.medbound.com
admin.moderngolf.mindfulgroup.net
www.myreme.pl
www.natevanbonn.com
www.neoufitness.com
staging-assets.newjobscanner.com
nextgeninvest.in
nolsonlabs.com
admin.quantifin.org.za
www.overt.com.br
p2pside.com
app.pacioli.ca
app.paven.io
www.pephands.com
embed.picky.recipes
app.pikpo.work
nca.piticommerce.com
playasnudistas.net
link.demo.plaze.org
pluraling.com
www.pricebajar.com
probablyzen.com
raptormaps.productsignals.com
mms.recruiting-solutions.org
robertgolawski.com
samplia.com
c4c.samyok.us
www.schuelig.ch
www.scoreops.com
servicefolder.com
sle.siapco.mx
sigec-elfuerte.com
links.ibpj.sofisa.com.br
dev.srdanstanic.com
www.str-it.de
online.strongermen.org
client.studely.com
auth.swiftdoc.com
www.tambolabook.com
www.targetprops.com
dgmrthailand.teedteed.me
www.telecious.com
www.thedevlab.in
backup.themos234.com
thepowercourses.com
trektube.com
trident-hr.com
udhiya.ca
dev.pos.uvutechpos.com
vrmbox.varmego.pl
vinologist.co.za
wifiqrcode.com
ycbh.in
Other domains in certificate