Open
Cached
·
just now
76/100
SECURITY SCORE
Detected Technologies
Certificate Information
Subject
CN=kapadokya-pizza.de
Issuer
C=US, O=Let's Encrypt, CN=R13
Valid From
March 18, 2026
Valid Until
June 16, 2026
34 days
Public Key
RSA
4096 bit
Strong
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
2B:C4:05:44:5D:D4:DE:D3:A0:90:39:8E:1F:F9:AC:3F:2F:B3:12:09:72:75:06:00:45:61:FD:84:86:8A:0A:11
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Add Strict-Transport-Security header with max-age of at least 1 year
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
90 domains
mindmester.com
*.mindmester.com
*.demo.mindmester.com
*.mobile.mindmester.com
*.news.mindmester.com
*.staging.mindmester.com
*.ww12.mindmester.com
*.www.mindmester.com
aesphoto.com
*.aesphoto.com
*.byby.aesphoto.com
*.h5.aesphoto.com
*.web.aesphoto.com
aventurasparasolteros.com
*.aventurasparasolteros.com
*.news.aventurasparasolteros.com
*.nl.aventurasparasolteros.com
*.play.aventurasparasolteros.com
domain-easy.com
*.domain-easy.com
hsland03.online
*.hsland03.online
*.rustore.hsland03.online
*.303ad1d8-5823-4736-ba4a-7d210cc4ab30.hyperglot.dev
*.62f9b9c6-07f2-4df2-a393-081a4bcc5ff7.hyperglot.dev
*.admin.hyperglot.dev
*.api.hyperglot.dev
*.app.hyperglot.dev
*.assets.hyperglot.dev
*.cpanel.hyperglot.dev
*.cpcalendars.hyperglot.dev
*.cpcontacts.hyperglot.dev
*.demo.hyperglot.dev
*.dev.hyperglot.dev
*.ftp.hyperglot.dev
*.hostmaster.hyperglot.dev
hyperglot.dev
*.hyperglot.dev
*.m.hyperglot.dev
*.mail.hyperglot.dev
*.ntwmnperm.hyperglot.dev
*.perm.hyperglot.dev
*.photos.hyperglot.dev
*.send.hyperglot.dev
*.staging.hyperglot.dev
*.test.hyperglot.dev
*.webdisk.hyperglot.dev
*.webmail.hyperglot.dev
*.whm.hyperglot.dev
*.www.hyperglot.dev
*.yotnmstaging.hyperglot.dev
kapadokya-pizza.de
*.kapadokya-pizza.de
mgm99fun.info
*.mgm99fun.info
*.ww25.mgm99fun.info
*.nagadimari.nidaparkbomonti.com
nidaparkbomonti.com
*.nidaparkbomonti.com
*.vpn.nidaparkbomonti.com
*.admin.oceansidecleaningservices.run
*.assets.oceansidecleaningservices.run
oceansidecleaningservices.run
*.oceansidecleaningservices.run
*.sitemap.oceansidecleaningservices.run
royalbuffet.com
*.royalbuffet.com
*.w.royalbuffet.com
*.wildcard.royalbuffet.com
*.ww8.royalbuffet.com
*.www.royalbuffet.com
*.game.sunzone.com
*.hr.sunzone.com
*.mail.sunzone.com
sunzone.com
*.sunzone.com
*.vcsa.sunzone.com
*.cdn.vintagesexx.pro
*.cdn3.vintagesexx.pro
*.portal.vintagesexx.pro
vintagesexx.pro
*.vintagesexx.pro
*.www.vintagesexx.pro
*.flow.xn--llar4-5ta6rg.com
*.ftp.xn--llar4-5ta6rg.com
*.ww01.xn--llar4-5ta6rg.com
*.ww25.xn--llar4-5ta6rg.com
*.www.xn--llar4-5ta6rg.com
xn--llar4-5ta6rg.com
*.xn--llar4-5ta6rg.com
Other domains in certificate