Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=beankonducta.com
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
December 20, 2025
Valid Until
March 20, 2026
85 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
C7:5B:30:98:25:B9:2E:E3:0B:D4:B1:1D:FA:86:C3:2B:EC:95:5E:5B:CA:B4:8F:4F:DE:33:EF:D1:F3:29:F3:2B
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
bestofka.cz
1guavasite.com
faq.islam.adiop.com
agroform.de
deetrox.aimcomely.com
ezith.aimcomely.com
rugby.appliedinnovationexchange.com
www.arcanumarcanorum.com
arquitetogamer.com
www.asteerius.com
autohuoltotaponen.fi
bazaaroath.com
beankonducta.com
www.centralcorona.com
saitoshuka.chance-store.jp
www.changyuwu.me
chicagotopcleaning.com
crunchyroll-staging-api.closedcaptionconverter.com
www.cloud2mg.com
documentos.comprarcasa.com
contractorscentre.com
crabadakingdom.com
www.cruiseabout.com
www.davidsurprenant.com
www.devspear.com
dezatike.com
dezind.com
www.digitalassetindexfund.com
dmevolution.com.br
smartscreen.easysignage.app
data.ecmo.app
elegosolutions.com
etrustinc.com
dev.fareclock.com
farnost-hosteradice.cz
fastsafe-pro.com
figandleaves.com
filterflow.app
financeformuslims.com
flowlylink.com
flowsportclub.com
staging.read.forwardchess.com
www.geisel-web.de
rp-staging.gestion-traiteur.app
site.globalsuq.com
blog.hectorcho.com
www.hireoutstationtaxi.in
iamkanye.com
ideawebber.com
dripto.innomed.in
integrityautohrd.com
intermediumemp.com
www.iowave.in
jawedsway.com
jenniferzardus.com
jessicachinn.com
jobyo.io
joshuaforvermont.com
keremergur.com
www.kursatufukcoskun.com
www.lapatatechaude.ca
fms-evcharger.lsceco.cloud
www.lucianolagassa.com.ar
www.m-rental.co
www.maistorai.page
beta.metacogmission.com
michael-orenda.com
dev-pro-v1.milva.dk
moowstudios.com
www.mountainvmushrooms.com
www.pu-business.myreshn.com
nbdigi.com
www.oxeye.ai
peakpodcasting.com
www.phobosplan.com
auth.planmo.com
play.primetimemath.com
promptmonster.com
www.rashchupkin.com
rishabhrahul.com
admin.santlopon.com
go.shinnova.io
www.sjnarmstrong.com
www.sporttiming.app
app.squadx.online
euna.stl.dev
www.suddenbooks.com
symteq.io
www.teenslippers.nl
www.timessquareinc.com
www.tinttech.ch
www.traditionequipmentleasing.com
korper.turnosweb.app
sportclubtlkbelgrano.turnosweb.app
www.unbadpaste.com
universalcart.online
web.vastraapp.com
vndynapp.com
app.wealthenv.com
zweitblick-lektorat.at
Other domains in certificate