Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=www.pizzabieres.com
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
October 23, 2025
Valid Until
January 21, 2026
45 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
EC:FA:28:B9:EB:2F:DE:3A:5F:AB:9F:E2:53:8A:B9:06:89:02:3F:2E:AE:A2:B5:CA:51:4A:B3:69:FD:67:79:4B
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
www.yunjae.info
2040.im
circles.adva.io
agent-system.net
aizone2.pro
www.anabelle.cool
next.angular.io
links.barticket.com
www.buybuycenter.com
bytakora.com
mobile.cattailer.com
cleverblocks.io
react.hostingsites.co.in
fe.dev.codra.se
www.constantine-minhagim.com
auth.cords.ai
link.criptoladrillo.ar
fire.deepit.in
definitiveinventories.co.uk
devengineeringlibrary.co.nz
app.diengcool.com
staging.digih.nl
charset.dyno.design
colegioatid.edu.mx
frontiersofexelon.com
app.getkosmos.io
portal.greaterheightssch.org
www.heribertotejo.com
ar.staging.illust.space
www.instacarousel.com
www.intuitive.page
iotbay.in
firebase.itky.in
itpm-consult.de
mea-api-qa.itxi.aero
qualicliente.dev.portalcliente.izii.io
admin.jodacare.com
www.kioskoelboricua.com
www.kravcoach.nl
kreatific.com
physician.stage.lifemd.com
link-ai.co.jp
dev.maineventathome.com
portal.mandy-app.com
www.marcellaza.com
mastok.no
add-dev.meeter.de
www.metalcort.net
www.motoveapp.net
retail.mymoons.co
mythicarchive.net
www.napes.co.uk
www.nationalprowarranty.com
pic-openbet.mentor-na.neccton.com
newspace.im
nextcraft.cz
drooley-pizza.nextorder.com
nishantgoyal.in
numbernumber.org
www.objektia.se
www.offerstreet.in
ohanaevents.in
nhsa.ondagoapp.com
issuelog.pacificrimgc.net
www.peoplenergyconsulting.com
www.pizzabieres.com
gostop2018.pmang.com
pwnwizard.com
qualigiate.com
rentafi.org
salus.sh
www.sam-harris.co.uk
www.samnahbaladi.com
sayedu.net
fr.setkeeper.com
setupai.fr
www.sliitfoss.org
www.spidergame.net
sull.vn
trinitas.syscap.com.mx
takemeouttoronto.com
crm.tancongnghe.com
www.tcitl.in
www.tersinesat.com
thedeliaapp.com
toptilestramic.com
www.ubicuo.com.ar
arcade.unboared.com
www.usdtea.io
www.vesoir.com
victor-mal.in
alibo.vistarsoft.com
cdn.es.voxelmax.com
engage.wdsra.voyagernetz.us
wellgroomedbarber.com
witnesstoolboxapp.org
xca.pe
www.xpotradeventures.com
tule-fb.yushakobo.info
zoocratesmusic.com
Other domains in certificate