Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=mycoffeestory.cz
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
November 30, 2025
Valid Until
February 28, 2026
89 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
7F:B8:80:C1:48:9E:19:B1:DC:BD:4F:EB:1C:09:AB:DA:A0:90:73:31:2E:46:AE:06:38:9F:79:68:06:BA:E5:EF
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
qa.mylnk.app
a2bwestmids.com
www.adivinalapalabra.com.co
www.advisor8.com
advocateaneesh.com
fit-tracker.agweb.dev
www.alasdesangre.com
www.alexeyrodionov.com
salesdeck.asbsports.com
market.atlas-app.org
apiexplorer.ayrshare.com
login.babynamespedia.com
stats.beamian.com
crm.bestserve.in
ellioderocio.bracelit.es
puenteromano.bracelit.es
tis.bracelit.es
calculadoradefisica.online
www.audio.choosewithin.com
www.coast.ai
quotes.coolrmsil.com
www.csavargomagazine.com
cyyus.com
www.dcare.lol
devtrategy.com
digiboards.io
www.eco-drive.app
www.engyn.io
community.enhearten.io
staff-apk.enkept.com
staff-stage-apk.enkept.com
app.f2rt.com
www.factoreal.io
my.fairdyne.sk
liptovskastiavnica.fitqube.sk
flashme.fr
www.flickswift.com
www.fullstackspider.com
futuresmoneyprinter.com
funcionario.getdesk.com.br
www.glstechnotrade.in
app.louna.graphite.space
api.greeteat.com
hanowa.me
www.helencramer.com
sample-r.s.hotekan.com
hyperloop.biz
jasoncrandall.info
jeremykarkanis.ca
just-lifting.com
www.justpic.in
www.karfleet.com.br
kendisinindoktoru.com
www.khalildiag.com
kiratravel.ch
kolarik.cz
www.laveniradubon.fr
app-stag.le.mu
legalbrick.it
app.logtap.com
www.download.mebooks.co
miketechsol.com
www.monstruocanela.com
www.munawarmehraj.com
jamaica.murderwatcher.com
arifnurfajar.my.id
www.arifnurfajar.my.id
mycoffeestory.cz
demo.noga.dev
links.backen.staging.oetker.digital
procrastination.oka-ryunoske.work
passiver.ai
images.peeknest.com
api.pimpampoum.lu
dev.plum-connect.com
prettygau.ch
test-assets.primerewardspot.com
punjablaminates.com
www.qiu-y.com
rangschikking.be
www.rebuz.dk
admin.staging.restoplus.com
rickyprovan.com
robertfalkenberg.com
santaslabyrinth.com
signatureconcretekc.com
sikkimteer.com
sitwech.com
www.slash.ro
limitlessadmin.solferinoacademy.com
tanabat.sorav.it
activobuilder.stx.com.mx
bs21check.thai.run
new.tilde.digital
pokevs.tssol.net
app.tutramiteya.com
victorianeustel.com
wcarec.com
wildlifehero.com
sessions-admin-dev.workshop-live.com
Other domains in certificate