Open
Cached
·
just now
88/100
SECURITY SCORE
Certificate Information
Subject
CN=bananamahal.com
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
October 29, 2025
Valid Until
January 27, 2026
74 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
25:4B:91:13:39:DB:CD:39:09:8F:D1:50:E0:0D:A9:B1:C5:18:CB:51:E2:97:C7:44:C1:DC:1A:DE:AD:B0:FE:78
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31536000
Content-Security-Policy
Basic
script-src; object-src; base-uri; +2 more
X-Frame-Options
Good
SAMEORIGIN
X-Content-Type-Options
Good
nosniff
Referrer-Policy
Missing
Not configured
Permissions-Policy
Present
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Improve CSP by adding more specific directives and removing 'unsafe-inline'
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
www.easyleads.net
app-pro.1stcutoutings.com
25points.com
www.agucare.cl
alaamashkouk.ru
scenen.alfrednerstu.com
api-qa.atyabtabkha.com
bananamahal.com
revuto-admin.beyondi.ninja
presskit.biloba.com
exceptionalbim.bimgames.com
my-motion.dev.bioracermotion.com
cakesbykarenrichardson.co.uk
pilotstudy.chintseng.com
nani-gke-release.oneclass.com.tw
admin.controltrack.app
www.cosmicfandom.com
www.drivoslog.com
kolife.eagle21.jp
emberforgeapps.com
www.energisewellbeing.co.uk
www.engeniumtechnologies.com
www.evseinsights.com
www.expectocode.com
fethiyedurakkebap.com
frideo.com
friedfiction.com
www.fullstackservicesllc.com
www.gamper-schwienbacher.com
geektuc.com
ultratask.geetanshaditya.com
ghgcheck.com
www.hometownskitchen.com
dev.ideiadtc.com
insightlatent.com
jacks.im
www.jainaiyush.com
www.joushinji.com
delivery.kesargrocery.com
www.khacphucrori.com
krasch.com.au
app.kurasuite.com
www.laandpho.com
media.laundrapp.com
chat.lecuanda.com
demo.lernit.app
letsgetdinnersometime.com
listique.com
localcalculator.com
www.masonfaulkner.com
www.mazenhammoud.com
mdialand.com
michaelkitchell.com
www.mikeboyd.co
mindfulgp.app
codeheroes.move4mobile.io
muhammadhasan.com
www.ncotoni.com
admin.newroadargentina.com
nomadradiology.com
www.odellhiddencovepark.com
www.onlyagents365.net
orderfoodlive.com
app.ostobuddy.com
app.pansuku.com
s.pansuku.com
dev.peract.io
www.philabs.xyz
photoswidget.com
www.playvinyle.com
www.podeum.live
www.pro-5.de
www.quamspeakers.com
admin.quash.ai
randallnorthdental.com
appemp.reciprocamensa.it
reddotentertainment.com
go.reefwave.io
legacy.rerac.dev
resrvdmanager.com
roadii.com
runningtracker.app
www.sancakmekanik.com
agency.sawaapp.io
googleignite.scoutout.co
help.sougoleiro.com.br
www.sportznfts.com
develop.startona.com
www.stonerichinventives.com
studiocaravane.com
www.syedcontracting.com
pro.photo.thai.run
thephoton.co
app.thpent-global.com
tokafarm.com
tuinakinaterapi.se
vear.jp
villasushi21.com.br
walterafurman.app
www.yayhorsey.com
Other domains in certificate