Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=app.goyshop.com
Issuer
C=US, O=Let's Encrypt, CN=R12
Valid From
December 05, 2025
Valid Until
March 05, 2026
66 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
F3:DB:35:67:03:0F:3E:44:DC:2F:06:AB:1F:FD:1B:AB:BF:F9:AA:7B:27:7D:F2:47:9D:5E:99:DA:C0:4E:E3:64
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
go.magister.com
0xharkirat.com
1crewgames.com
letsquiz.1crewgames.com
beta.tracking.99minutos.com
abix-signin.abivin.vn
alesandrodellajanna.com
alexhang.com
mapa.alineperim.com.br
www.about.altex.mn
ambuj.tech
amen.bible
360-test.bevy.pl
oapp.beyondmenu.com
briobrill.com
fidelidade.careplusclinic.com.br
www.goodmeds.co.in
resoluteresources.co.zw
user-legal.coconala.com
gab.com.et
link.coolfirecore.io
cortinaasociados.com
www.crypt.dave-becker.com
www.dentio.org
qrcodefacil.devribeiro.com.br
wycena.difu.pl
doncuak.com
www.dondesepuede.com
juntachecking.door4c.com
ademi.drclik.com
apap.drclik.com
www.kir.elagin.me
auth.elixor.io
www.emonsolutions.com
emprendella.com
shelf.evtit.com
familiadocens.com
ferrequiposdelacosta.com
app.staging.form-publisher.com
www.formikapraca.eu
gainguides.com
garaujo.space
app.geniustools.io
app.ginih.com
admin.gosunow.com
link.gosunow.com
app.goyshop.com
recipes.gromas.lt
groupcod.com
acc.dots-and-boxes.hjvv.nl
hub.hni.ae
housevilis.lt
iconawesome.com
iddict.com
www.iddict.com
test-system-tour.illumina.com
intuifycode.com
dl.zxc.io.vn
www.khoangiengcantho.com
www.krgr.pl
www.lalethagovindhanschool.in
xn--eba.lolli.com
auth.madlad.tv
www.maquinasdehielo.pro
vodvoz.mgw.cz
www.mindsolveconsulting.com
login.misterai.io
myflipclip.art
assus-components.nawebb.com
www.notamaestro.com
oddlier.org
www.onthecard.me
www.padretiago.com.br
lojauniversal.pedrosn.com
medicijnwijs-uat.pharmi.info
medicijnwijs.pharmi.info
www.prodentalsantafe.com.ar
raqamshase.com
community.rheinenergie.cloud
schema.robocupjunior.nl
www.rudrabinarysureshot.in
auth.skipr.co
perps.solidlizard.finance
learnhtml.soturimedia.in
cms.taxihaarlemservice.nl
theboycottsignal.org
xn--tu8h.valtteriskog.fi
www.vbesort.lt
demo.admin.votebase.com
www.wcbfit.com.br
api2.wojnawarzyw.pl
xn-----6kcbisammyezdqp6apt8s.xn--p1ai
www.xn----7sbholrdiig2bfz.xn--p1ai
xn----7sbholrdiig2bfz.xn--p1ai
xn--4dbgem7brb0ahd.xn--5dbnct.xn--4dbrk0ce
xn--80adg3auu0e.xn--p1ai
www.xn--eiscafe-siebenhner-06b.de
xn--historiawzasigu-l9b.pl
www.xn--mniejlekw-d7a.pl
www.zamparg.com.ar
Other domains in certificate