Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=www.helloshelfy.de
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
December 17, 2025
Valid Until
March 17, 2026
72 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
C7:35:66:D2:A7:6E:68:06:D5:F5:2F:66:6E:F5:60:83:B9:FD:7A:12:E7:98:75:8A:81:7E:2A:1E:31:50:59:C2
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
ypo.bloccarbon.com
22dconsulting.eu
lowes-kit-style-quiz-test-b.3dcloud.io
lowesvdt.3dcloud.io
www.aceitesnaturalesdelsur.com
invite.oozi.aimpact.ai
ansasolutions.tech
brewery.apibrew.app
www.apphour.com
bangalore.arnidroptaxi.in
b2b-sales-accelerator.de
benwasser.com
www.bhinmalutsav.in
vanzari.bhpmotortuning.com
boostframe.com
chewkokshin.online
dl.clicnpark.com
eran.laster.co.il
hasson-hadbara.co.il
www.preped.com.ph
iremsuu.odakplus.com.tr
concordwallet.com
reset.crickingdom.com
cs-code.de
cs-schmidt.dev
devexp.co.uk
diegovalera.com
www.drbhavanaivf.com
calculator.ejincollective.com
product-source-selector.gassets.emarsys.net
ethancota.dev
a09i.foodle.su
getparagon.app
www.helloshelfy.de
shop.hyloca.com
uae.iampupilar.com
www.instaplug.app
links.jaguarnac.com
jeenamo.com
www.jewishwedding.info
kalkanpad.com
performance.kamiapp.fr
www.kshanikstudios.com
www.commande-mobile.lecentral.ca
www.leeker.io
www.lengoland.co.uk
localbites.kitchen
meloveiculospatos.com.br
mustafademirtas.me
www.mythreadtracker.com
www.ndesk.app
nearo.co
pic-napoleongames.mentor.neccton.com
www.nescorp.in
netica.fr
www.nicoyuste.es
www.noticefly.com
pt11.notpratham.me
ownziy.com
www.paylo.tech
petroexplore.com
placeflow.app
www.portugol.dev
radimare.com
rajneethi.org
renusfancystore.in
www.ringfencing.fun
roadadmin.com
rossclelland.com
rtxmidias.com.br
terminator.sanbao.app
sc.technology
staging.smartodr.in
soyllamas.com
www.spectrum-estate.com
auth.steadyprep.com
techenclutch.com
tennesseecollectionatty.com
theitalianstartupper.com
unisync.theroomieapp.com
thingsbecoming.food
dl.trainingtoluna.com
codigopinamar.turnosweb.app
viggo.turnosweb.app
ultim.pro
link.ultimatebariatric.com
ultimatefan.ca
business.universalcuisines.com
uvrtech.com
www.vehicleshippinggroup.com
videoleap.store
visiowall.pl
visuallogics.in
weforwms.ae
app.windsapp.com
www.yellowgondola.com
new.yogame.com
y83ry5rqb3qcznnc.zimlala.com
www.zingsoft.com
fire.zot.app
Other domains in certificate