Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=bestellen.buonappetito1.de
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
November 30, 2025
Valid Until
February 28, 2026
86 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
69:FF:09:65:B3:72:E0:6F:B3:89:D9:34:BF:56:0D:F4:6F:03:8E:69:55:C9:8B:36:74:F6:24:E2:69:D2:37:22
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
www.newmetal.com
bodies.365days.me
366daysfruit.com
www.agilematrix.net
aidial-staging.com
www.amysbirthday.party
andyfrantz.com
share.answerr.app
app.aprenderendirecto.com
barchat.me
links.master.boop.pet
dailies.bradleygraber.com
bswohnbau-in.de
bestellen.buonappetito1.de
www.canadamaplefoundation.org
fermina.clau.io
mealkitz.clau.io
rextract.co.in
www.monarchy.co.tz
precios.oas.com.gt
uni-admin.corize.co.jp
www.countlessholdings.com
crdionisiaplaza.es
graffiti.creasaur.net
preview.creme.com
dan4mstl.org
desertdash.xyz
developnators.com
app.discoverglimpse.com
panel.docstore.in
www.dript.app
www.ezclo.net
fasthealthenrollment.com
dashboard.fiata.org
fillingmycup.org
fitnesslab.jp
a0a0.foodle.su
goalsync360.com
goodidea.com.br
dl.guru.taxi
home-page.io
www.honjo-ds.com
hunchex.com
ywc19.ywc.in.th
individuallist.com
auth.inventrack.dev
www.ipathsystem.com
jacquelineisaaclaw.com
javiccs.com
jenn.dev
joseterra.com.br
kawtharuna.com
knbtelecom.com.br
www.grace.kunath.co.nz
www.kutu.online
lagalaxiadeloleccionista.com
leeandli.net
letmedevapp.com
www.medimystery.com
dev.meetmaeva.com
www.meghal.me
menuffy.com
michaelrezabek.com
app.audit-staging.mvminformatica.com.br
generaltd.nkportfolio.com
www.notebird.tech
octondata.com
paintersonthewayllc.com
www.parakhhospitals.com
pimponchos.com
plamo.ch
plandit.io
quantummep.com
redpandapaint.com
ride-link.com
runloop.com
securion.ai
app.shipra.io
app.simplyreview.com
firebase-hosting-sample.sjp-inc.com
admin.slammtrains.com
somabookstation.com
starwaylimousine.com
demo.stunthamster.net
link.switchcab.com
www.tabletopalley.com
www.taxigy.com
aiblock.techpark.jp
app.theislandline.com
theobarraud.ch
ticks.cloud
explorer-staging-auth.tinyivy.com
www.topbike.ch
www.uprocktech.com
auth.vaultica.io
vianden-trail.lu
medonet.vika.life
warrenclough.com
open.woodstock.club
www.worklistproject.com
Other domains in certificate