Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=kraftstoff.bibeltag.org
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
January 10, 2026
Valid Until
April 10, 2026
84 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
44:E6:B7:12:F7:47:D2:99:6A:E2:79:BF:B7:D3:9B:33:A1:75:00:DE:DA:4D:EA:31:0F:FC:71:0A:62:A8:93:42
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
sparkle-steps.com
aarveetraders.in
cloud.undiknas.ac.id
buduammo.acwo.lk
geniussync.admpolaris.site
aeroinfinitydron.com
atilal.ly
kraftstoff.bibeltag.org
pre.bikecrm.app
www.bisericilive.ro
www.bjornstadlunch.no
admin.borkconnector.com
app.botskyc.com
docs.botskyc.com
www.bravosix.io
playjumper.c6x.app
app.careergame.com.br
cherubimambassadors.org
usvalidation.clearquote.io
zorya.co.in
app.10bet.co.zm
coachtravel.scot
auth.google.codingbear.dev
tesisat-izmir.com.tr
conglive.sbs
converge.zone
media.crash2cash.de
www.daocbuddy.com
www.dimension-solutions.com
lets-code.dmap-community.org
dwaragavision.in
dzolicdigital.com
ehsaspirants.in
elettricistafaenza.it
enerlytics.no
uat-manipal.finncub.com
www.garudaindonations.com
js.gobook.site
news.greeny-app.com
snooker.hamzaashrafi.com
hikingadventures.fr
hiringbull.org
www.igloocoolingsolutions.com
www.indahhousekuching.com
insightsreal.ru
register.joshbauer.com
jubilaconcecy.cl
www.junipop.me
www.kurze-durststrecke.de
www.laciudaddelasmareas.es
www.lbphotos.co.za
leadmagnetai.se
t.leelanupab.com
lexlevel.cl
app.liftun.com
decisionnel.lirove.eu
app.llmedicalclinic.com
auth.locring.com
lostcount.golf
www.lostcount.golf
www.loyaloakpartners.uk
marketim.site
app.meet2notes.com
re.mottini.org
im-firebase-api-dev.newsocksmedia.co.uk
neztu.com
onpointapp.net
ordnsway.trade
oms2122.oxfordschools.xyz
firebase.petcareplus.app
phaisprzedaz.pl
app.phaver.it
prompt-cheat.com
accounts.portal.radicleinsights.com
remixstudios.in
www.rune-stone.com
sabira.life
tv.scl66.live
shreejian.com
www.sid3ris.com
sna.gl
pha.sokuyaku.jp
stdhub.site
subkuuchonline.in
www.sunopromptbuilder.com
webapp-uat.surgeonsforsurgeons.com
termservices.pro
smokybeach.thediners.in
thirdversion.ca
triny.in
troli.io
u-me.me
untools.co
playground.userose.ai
stage.ustreak.com
xlr-8.ch
www.projects.zaldyjr.com
www.zhihan.rest
zhihan.rest
vapp.zsds.io
Other domains in certificate