Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=bananamahal.com
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
October 29, 2025
Valid Until
January 27, 2026
74 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
25:4B:91:13:39:DB:CD:39:09:8F:D1:50:E0:0D:A9:B1:C5:18:CB:51:E2:97:C7:44:C1:DC:1A:DE:AD:B0:FE:78
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
listique.com
app-pro.1stcutoutings.com
25points.com
www.agucare.cl
alaamashkouk.ru
scenen.alfrednerstu.com
api-qa.atyabtabkha.com
bananamahal.com
revuto-admin.beyondi.ninja
presskit.biloba.com
exceptionalbim.bimgames.com
my-motion.dev.bioracermotion.com
cakesbykarenrichardson.co.uk
pilotstudy.chintseng.com
nani-gke-release.oneclass.com.tw
admin.controltrack.app
www.cosmicfandom.com
www.drivoslog.com
kolife.eagle21.jp
www.easyleads.net
emberforgeapps.com
www.energisewellbeing.co.uk
www.engeniumtechnologies.com
www.evseinsights.com
www.expectocode.com
fethiyedurakkebap.com
frideo.com
friedfiction.com
www.fullstackservicesllc.com
www.gamper-schwienbacher.com
geektuc.com
ultratask.geetanshaditya.com
ghgcheck.com
www.hometownskitchen.com
dev.ideiadtc.com
insightlatent.com
jacks.im
www.jainaiyush.com
www.joushinji.com
delivery.kesargrocery.com
www.khacphucrori.com
krasch.com.au
app.kurasuite.com
www.laandpho.com
media.laundrapp.com
chat.lecuanda.com
demo.lernit.app
letsgetdinnersometime.com
localcalculator.com
www.masonfaulkner.com
www.mazenhammoud.com
mdialand.com
michaelkitchell.com
www.mikeboyd.co
mindfulgp.app
codeheroes.move4mobile.io
muhammadhasan.com
www.ncotoni.com
admin.newroadargentina.com
nomadradiology.com
www.odellhiddencovepark.com
www.onlyagents365.net
orderfoodlive.com
app.ostobuddy.com
app.pansuku.com
s.pansuku.com
dev.peract.io
www.philabs.xyz
photoswidget.com
www.playvinyle.com
www.podeum.live
www.pro-5.de
www.quamspeakers.com
admin.quash.ai
randallnorthdental.com
appemp.reciprocamensa.it
reddotentertainment.com
go.reefwave.io
legacy.rerac.dev
resrvdmanager.com
roadii.com
runningtracker.app
www.sancakmekanik.com
agency.sawaapp.io
googleignite.scoutout.co
help.sougoleiro.com.br
www.sportznfts.com
develop.startona.com
www.stonerichinventives.com
studiocaravane.com
www.syedcontracting.com
pro.photo.thai.run
thephoton.co
app.thpent-global.com
tokafarm.com
tuinakinaterapi.se
vear.jp
villasushi21.com.br
walterafurman.app
www.yayhorsey.com
Other domains in certificate