Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=cmrcoffee.co.kr
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
December 01, 2025
Valid Until
March 01, 2026
86 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
5D:62:73:CA:30:31:06:EC:16:6C:26:17:7E:41:9A:8C:65:88:0D:25:9B:F0:0D:56:3D:9C:D8:B4:D1:B2:17:35
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
admin.departspares.com
w.abacus.co
papertrail.abumpus.dev
alsanadi.com
platform-s.alter-5.com
www.amparosec.com
api.andteam.com
www.anybodies.io
testing.aplano.de
link.aprende.com
artificial-intelligence.lol
www.athleticroomprops.net
www.automotiveinsanity.com
bebnista.pl
coach.stage.bestathletes.co
bountifarm.com
bumblebee.io
commandefournisseur-outils.cafedemarie.fr
dev-app.chartlog.com
www.clctr.app
www.clinicasabra.com
www.cloudinfra.in
api.shinkan.co.in
fruithaven.co.in
megacabs.xpulse-cms.co.in
cmrcoffee.co.kr
www.cmrcoffee.co.kr
panel.contax.mx
600mwc.cpachecorealestate.com
duplaem.hu
link.eatie.in
eloniscool.com
www.ettnollproduktion.se
www.f-billing.com
uk.familybyfamily.info
www.firebase.press
fiveguyz.in
fonostellamonteiro.com.br
friendsandfamilymarket.com
lalahi-cms.hicity.world
highxp.com
ctms-xp.hu-care.com
iimbangels.com
preprod-showroom.imagin.studio
internetspace.co
admin.fairprice.invue.live
www.johnnycommits.com
journolabs.com
khaanapeena.app
dev.kultursphaere.sh
www.lessonsquared.com
logicerrors.com
connect.looker.com
magnetic-poetic.net
mamakoduje.cz
app.meuamigotemumsitio.com.br
mitwire.com
mshatry.me
auth.myleos.org
staging.mypowerpak.com
neurosparked.com
borabora.omnicon.co
auth.opentracks.app
phaserloading.com
link-dev.picso.ai
pixelhi.io
www.pollostellos.com.ar
porinhaka.fi
www.prothama.com
sapaudiacaffe.order.pulp.eu
www.qualiaxr.com
view.quickreceipts.co
rampyaaryan.me
sync.redbull.co.za
safepassai.online
sauravphotography.com
store.scandal-capsuletoy.com
sepreneurs.com
sherwoodacademy.it
simpl.fyi
www.sirajcottonmills.com
skillrefill.in
spelarpoolen.se
bodaesmeraldayrodrigo.swanmoments.lat
staging.switchboardlabs.xyz
taxib.mx
auth.techket.com
test.tipperapp.nl
harmonie.tresastronautas.com
www.tuqire.com
www.turkeyinvestmentproperty.com
www.twiedalia.nl
manusha.usefuleverything.com
www.vcardmaker.com
vtorg.vtsbharath.org
mitra.wifime.id
www.wijin.tech
xidem-medical.com
yucasi.co.jp
app-staging-hot.zenport.io
Other domains in certificate