Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=menu.izfood.com.br
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
October 09, 2025
Valid Until
January 07, 2026
57 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
66:00:3A:C4:35:A0:3F:9E:D2:A5:8C:CD:45:21:CD:B6:69:2A:34:A6:35:A5:70:8A:50:EF:25:C4:E2:07:3C:7C
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
supplyear.com
nap.0xlabs.me
www.5sn.app
8bitbiss.com
games.aboulhoda.me
app.adiantesa.com
www.asbsportsinc.com
www.autalytics.com
www.ayushsitar.com
api.live.b-reel.com
baltee.fr
short.solutions.beclm.com
testownfcm.bonrix.in
www.bowandbeautiful.com
builditagency.com
burgosweb.net
carlosgonzalezespejo.com
www.cavuaerialservices.com
www.changehuahin.com
donations.chefugee.org
coimpul.com
store-admin.cutaway.com.tw
core.compary.com
dal.admin.convercus.io
www.cruiseshippictures.com
www.descantscoring.com
doveguardarlo.it
dragonereum.io
wfm.dev.link.drivs.io
cejam.drtis.com.br
dskdao.xyz
www.eazycash.id
lm.edcliente.com.br
fnbce.falkor.io
forpetsbypets.com
predev-dashboard.futuralabs.rocks
stage.futuri.education
discountcode.gastronaut.ai
gjallarhorn.news
app.grocerystorezim.com
api.groupspot.app
stagingvisite.hausvalet.ca
www.developers.iarahealth.com
app.indiagold.co
www.irrly.com
menu.izfood.com.br
jaredjpeters.com
www.johngoza.com
www.kaftechusa.com
www.karinaagaian.com
enterprise.keywordsai.co
nft.knobs.it
s.koibu.me
lagunasanjuanhueyapan.com
learnanopod.com
lingwheel.com
lonelyraids.com
martinshelley.com
www.miguelsanchez.co.uk
evaluate.attractions.failte-ireland.mobilitymojo.com
mundokataros.com.ar
nbinfo.eu
hub.nhayeu.com
novyos.com
oedu.dev
www.omegaautomoveis.com.br
onesail.in
pianolessonsnorwich.com
authclientdev.propelledbrandsdev.com
firerater.pwn.quest
app.qventana.com
cpanel.rcloudsoft.app
reismiau.com.br
renew.retail-ai.jp
sageye.io
seastarshipping.co.za
dev-app.seedtrace.org
simamdigital.com
skeptonomics.com
slittrell.com
www.somameapp.com
www.songshield.com
www.sparkwallet.me
www.srirastusubhamastuevents.in
sweetfilm.app
s.sz.sa
talkone.com.br
techenonow.com
therealtypa.co.za
truckerheaven.com
go.truthandtales.app
app.twitch0.com
ultrababy.io
share.unifilm.de
auth.unthread.io
userbit.com
www.vilannail.com
beta.app.visno.no
condomi-stg.zetaone.com.br
zoyanaheed.com
Other domains in certificate