Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=www.tobiasbecher.com
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
October 15, 2025
Valid Until
January 13, 2026
50 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
36:AC:46:A8:35:63:66:7F:26:A1:2C:F3:EE:FE:A2:B6:25:9F:71:10:A6:69:AE:5C:48:53:9E:97:A2:28:F9:CC
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
riceland.vibeia.com
etermax.12traits.com
2019.devfest-berlin.de
webdev.428lab.net
namecard.ac2u.my
agroturk.net
www.agroturk.net
ahmettan.net
airasiavin.com
ait-atlas.net
akiba-tech.net
alassautdusida.net
www.alliancegames.net
andrewnsanford.com
applicotsource.net
apxleads.com
artsakhradio.net
athomearticulation.com
atlanticlabs.com.ar
audiobutterfly.net
tv.bahaiblog.net
baitynet.net
www.bayareahalalfood.us
www.bitswapdex.io
admin.dev.bookline.io
strandgatan.bookmakeronline.se
auth.buildersdiary.com
apo.buscandotupresencia.org
www.byobuzzer.com
casualplayer.net
chezzy.ca
climate.chummar.co
kibana-circuscode-bingo.circuscode.com
livego.vonder.co.th
advertise.co.ug
intrack.com.my
truckrepublic.com.my
www.basnetbinaya.com.np
auth.compeat.app
cornerstone-developments.ca
dauts.net
zelo-staging.eatlab.ai
www.ecoceptive.com
emep.tech
portal.fgtpag.com.br
pro-dev.figure1.com
gbrlmadeit.work
gorilla-sport.de
www.herman.mx
lendpro.hobbstechsystems.xyz
app.ibuycars.net
webinv.jkv.tw
kalajoensuunnittelupalvelu.fi
catalogue.kantiss.com
sudoku.kbar.io
kii.mx
cultosdev.levantandoacristo.cl
www.lewis.studio
manisales.net
manru.ru
config.marquepelozap.com.br
megifalko.website
www.mexicleancleanmore.ca
onlinebooking.nailsolution.us
www.harano.net.br
orchestrastcecilia.ie
firebase.qa.perka.com
podtxt.app
www.priafitness.net
dashboard.propeller.ba
realpluscommunity.com.au
ridez.at
www.clara.rocola.es
www.saibalajidroptaxi.com
schottenhammer.com
link-testing.seamm.io
sharqs.shop
shiftman.app
sportcenter.sogafit.net
stylaonline.jp
prueba.sushiexpresspanama.com
swarttroue.co.za
www.symbotalk.com
appointment.talsee.app
gayrimenkultakip.teksanenerji.com
staking.thesolciety.gg
www.timepasstv.io
www.tmhrakennus.fi
www.tobiasbecher.com
www.triageme.org
u-drive-school.co.uk
links.gakugei.unpaidworks.com
www.uttarpradesh.tech
www.vaconsulting.services
focus.veda.ai
verdadebalneario.com.br
vzpdev.es
beta.winnomi.com
xpeare.com
devapp.zentric.mx
Other domains in certificate