Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=www.bomdrinks.com
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
February 06, 2026
Valid Until
May 07, 2026
87 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
7D:31:6B:5A:6E:C9:A4:F6:A5:AF:0F:53:E8:9B:EC:42:95:B0:87:2A:4F:C5:FB:EB:BF:69:60:2B:DC:F1:65:2D
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
pgn2pdf.com
react.dicks.8bit.ca
f.alexy.moe
schemas.alumio.com
netto.appzavr.com
qa.hearzap.apxor.com
atrable.net
sistema.beerads.app
link.betwyll.com
portal.biowellnessstudio.com.br
phibeta.boix.dev
www.bomdrinks.com
url.bpm.app
cadense.net
dev-api-docs.carecens.com
chrisandersenmusic.com
www.clash.lol
insights.crankcommunications.com
www.devdebut.com
dipass.io
eiel.info
driver.qa.evgo.com
cms.expectful.com
facturapido.es
fhl.one
vendor.foreverware.app
fractalix.dev
amino-auth.genoma.io
bernie.getzoyan.us
www.ghzwani.com
givememoneyfornoreason.com
blog.golfhq.com
www.gorilla-sport.de
gravityfatigue.com
route.gv-one.com
taps.haaatch.com
hinmantechnology.com
account.dev.hotekan.com
mobile-dev.i-kasa.com
iamrich.fyi
www.indefor.cl
interactiveailab.com
leadapplinks.intervarsity.org
www.iq2.org
irecimx.com
champ.jau.co.jp
www.joswong.me
jpom.me
store.staging.layers.digital
app.livestocktransportnation.com
maledettigiochi.it
milvintsiss.com
www.moyela.co.uk
www.nicolasritz.com
testing.northweather.com
www.operator.app
www.ozdemirbatuhan.com
forstartups.packagejs.com
www.padermo.com
www.perfectsofts.com
piadero.com
www.pitballsus.com
qa-auth.iris.premise.com
www.protecsolgroup.com
pureskindoc.com
quinto.studio
rainbowtechsol.com
oilify.rarepetro.com
raspsolutions.com
ab6ix.re2fe.com
admin.recoris.jp
riversoncosta.com
romainpreston.com
www.roveapp.net
www.sadkow-pigwowa.pl
chatgpt.sancommunity.com
sawir.app
sewsweetminkydesigns.app
spacebidet.com
spinanico.com
steadytrack.app
www.stock-stats.com
training.stopthebleedcoalition.org
pi.techaula.net
textova.de
prototype.thecloudedmountain.com
thedigicraft.in
www.themashagame.com
thesimpleclub.com
thomas-simmons.com
tynispa.com
www.umrahmarket.com
vatsalyahomeopathy.in
vavra.me
dev.storybook.vezham.com
static.cdn.vezham.com
wavelength.nz
www.williamhuang.org
www.xcmh.ch
account.yoursteer.com
Other domains in certificate