Open
Cached
·
just now
80/100
SECURITY SCORE
Certificate Information
Subject
CN=www.universalcuisines.com
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
October 24, 2025
Valid Until
January 22, 2026
69 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
7C:EB:C3:7E:19:8F:E7:88:96:6D:D0:F4:13:06:2A:F1:56:E0:BE:B7:5F:EB:24:39:B1:53:AA:5D:52:8F:39:0A
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Configured
(Restricts certificate issuance)
Current Issuer
Authorized
(Matches CAA policy)
Authorized CAs
ssl.com
comodoca.com
digicert.com
; cansignhttpexchanges=yes
letsencrypt.org
pki.goog
; cansignhttpexchanges=yes
Wildcard CAs
comodoca.com
digicert.com
; cansignhttpexchanges=yes
letsencrypt.org
pki.goog
; cansignhttpexchanges=yes
ssl.com
Recommendations
- • Consider using critical flag (flags=128) for stricter CAA enforcement
- • You have authorized 5 CAs - consider limiting to only the CAs you actively use
- • Consider adding 'iodef' records to receive notifications about unauthorized certificate issuance attempts
Subject Alternative Names
100 domains
nanny.eu.org
dev.console.28east.co.za
www.alquimista3d.com
ankur.pro
admin.aodesu.com
appnorge.io
www.arrivage.pro
artsko.art
beardsofeye.co.uk
dev.dropshipping.bee-seller.com
www.benthanhrestaurant.fr
blueknife.tech
www.bms-ship.com
www.buddystudy.co.za
links.bvb.de
chungtacungtien.com
cloudevolve.tech
setiaalamsari.southpaw.com.my
app.contactanyone.io
es.covidiarymath.com
www.curryavenue.com
nsl.cxipl.com
d10.dev
www.devstrike.us
digigun.net
team.feature2.digiqc.com
monitor.develop.self.dinii.jp
divotion.nl
www.eclypsium.solutions
emmardeinstitute.in
www.play.escthegame.com
facturabilidad.com.mx
flok.ventures
www.futbalowski.com
www.gearless-solutions.com
dev.plataforma.gestio.school
staging-app.getcaddle.com
www.hotelsilverleafindia.com
status.hydroindustries.dev
joinrps.in
kates.land
appuser.kouyahikosaka.com
leena.dev
redirects.llamy.be
locchuong.dev
chengalpattu.makemytriptaxi.com
erode.makemytriptaxi.com
pondicherry.makemytriptaxi.com
viluppuram.makemytriptaxi.com
www.dev.micralis.com
travel.monstersportsinsurance.co.uk
www.montinu.at
www.myu.ng
www.neucowork.com
njgeorgestoveinstallations.co.uk
objex.university
opesi.fi
paolobassini.it
dashboard.payyit.com
auth.peaceful-app.link
storefinder.pizzaxbloomington.com
app.polylauncher.com
psypec.fr
www.purcreality.cz
purplebits.co.uk
www.pushcomic.com
staging.ratiolator.com
realbzpro.com
fatalis.redsensei.dev
www.reembolsa.me
remotework2077.rflex.io
www.servigasodomesticos.com
develop.editor.shopinn.tw
shopreal.app
www.sem.siapco.mx
snaplrn.com
www.sorcery.one
demo-butler.soselab.tw
spokeitthegame.com
st6dg.games
stammy.se
locker.sticksports.io
api.subdrop.app
www.supertight.xyz
sweeven.live
tactic8.com
taucomputing.tech
tesf.club
anxiety-tracker.thewordisbird.dev
tumbledmtg.com
underscore.com.mx
www.universalcuisines.com
www.uprooted.io
upspin.me
www.vincentcombes.com
wallet967.ru
www.windoe.link
www.thevault.withorca.com
xhop.me
xninjajs.org
Other domains in certificate