Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=api.bubble-buy.com
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
November 22, 2025
Valid Until
February 20, 2026
87 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
ED:44:9B:03:79:0C:9B:30:CF:CF:90:D4:EF:17:E4:1F:8A:AB:39:52:4B:8F:98:6E:B4:A6:4C:24:FB:E1:9D:DB
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
poe-surveillance.mohw.bz
2020.leanability.com
www.99andpartners.com
www.addtextapp.com
ademozgur.com
alias-solutions.net
www.amis-citeflavigny.org
amplifyvote.com
arkabia.com
www.bitcoin.bid
www.bitswot.com
api.bubble-buy.com
cannonsoft.dev
www.capya.se
scheduler.clr.im
www.codeworks.com.ar
destileriafernandezlatino.com
www.devcon1solutions.com
beta.dotmystyle.com
www.drydenlong.com
www.eatrics.eu
cms.energotoplinarstvo.com
onlineexhibition.freedomanatomy.com
lambda.gaborcs.com
www.grazion.com
detexify.gustavfredriksson.com
web.happily.ai
app.hugitalia.it
www.infamouskydiving.com
ingresso.center
lboard.it.com
www.jordancabins.com
t.bo.jug.im
tokens.kawatta.com
kimtanduong.com
kmjconstructions.com
deathpool.knickj.com
kshetrainfotech.com
ai.leventefazekas.hu
lonsdalemarine.com.au
lugo-app-admin.com
app.m2xsoftware.com
maes.mx
www.malamyuk.top
www.matthiastrilsbach.com
melissaben.com
mephheads.com
mezmerikgroup.com
onboard.mymistress.ai
nebuapp.com
pic-happytiger.mentor.neccton.com
login.netlaw.com
app.nexobuild.com
nlslabor.com
share.nota.club
dynamiclink.notino.com
shop.nowhere-collective.com
www.ogpcr.com
v1.omar45.com
www.onboarding-mate.com
www.onetreelabs.com
opxiimoveis.com.br
piedparker.app
pkwcurrency.com
playcribbage-online.com
pradeepsingh.me
www.ramantandon.com
www.reacttrivia.app
www.reefdog.com
repricetracker.app
annar.roomin.app
roomview.io
connect-ng-registration.rxoconnectint.rxo.com
samuel-hills.com
www.schiewe.dev
backend.skiklub-oestertal.de
staging.mobile.slconference.com
slideshowmaker.org
www.source-fellows.com
imaprotect-app.speakylink.com
stacygaudreau.com
stagesacademy.co.uk
stinkysockshockey.com
stoick.fr
paradisepointspa.studiossolution.com
dev.swiftscience.com
www.swordfishwp.com
thecommoncoder.com
thefleetlabs.com
www.thetinkertaylor.com
thetoebros.com
tolgaoktar.com
verdantlabs.com
leejanssenmotors.vinsyt.com
wallible.com
app.wearefairgame.com
www.wobith.com
yogendra.me
www.yolyardimcim.com
kapkitonyfcs.zaoletu.com
Other domains in certificate