DNS Gurus
Cached · just now
76/100 SECURITY SCORE

Detected Technologies

See all in URL Inspect 1
Let's Encrypt logo Let's Encrypt

Certificate Information

Subject
CN=cookstreet-coffee.co.uk
Issuer
C=US, O=Let's Encrypt, CN=R13
Valid From
April 25, 2026
Valid Until
July 24, 2026 76 days
Public Key
RSA 4096 bit Strong
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
55:42:43:78:6E:E3:4B:4F:47:6D:40:F5:D6:84:E3:0F:8E:B4:8B:36:11:CC:72:8F:DD:80:C9:23:18:29:BF:9D
Alternative Names
90 domains

Security Configuration

TLS Protocols
TLS 1.2 TLS 1.3
Forward Secrecy
Supported (Modern clients use PFS)

HTTP Security Headers

Status
Strict-Transport-Security
Missing
Not configured
Content-Security-Policy
Missing
Not configured Analyze
Content-Security-Policy-Report-Only
Missing
Not configured Analyze
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
  • Add Strict-Transport-Security header with max-age of at least 1 year
  • Add Content-Security-Policy header to prevent XSS attacks
  • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
  • Add X-Content-Type-Options: nosniff
  • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
  • Consider adding Permissions-Policy to control browser features

CAA Records (Certificate Authority Authorization)

CAA Records
Not Configured (Any CA can issue certificates)
CAA Issues
  • No CAA records configured - any CA can issue certificates
Recommendations
  • Implement CAA records to restrict which CAs can issue certificates for your domain
  • This adds an extra layer of security against unauthorized certificate issuance
  • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
  • Consider adding 'iodef' record to receive security incident reports

Subject Alternative Names

90 domains
trafiz.net *.trafiz.net *.cpc.trafiz.net *.mttrack.trafiz.net *.t1030.trafiz.net *.t1193.trafiz.net *.t1484.trafiz.net *.t2936.trafiz.net *.t2989.trafiz.net *.t3106.trafiz.net *.t3271.trafiz.net *.t3288.trafiz.net *.t362.trafiz.net *.t363.trafiz.net *.t364.trafiz.net *.t999.trafiz.net

Other domains in certificate

aalhs.co.uk *.aalhs.co.uk
carmarthenmarket.co.uk *.carmarthenmarket.co.uk *.ww25.carmarthenmarket.co.uk
commerzubank.de *.commerzubank.de *.firmenkunden.commerzubank.de
cookstreet-coffee.co.uk *.cookstreet-coffee.co.uk *.ww25.cookstreet-coffee.co.uk
*.a.galaxy6688.com galaxy6688.com *.galaxy6688.com *.intranet.galaxy6688.com
hamburguesas.net *.hamburguesas.net *.malibuzz.hamburguesas.net *.ww12.hamburguesas.net
hebexo.com *.hebexo.com
*.dan.iquotes.in iquotes.in *.iquotes.in *.m.iquotes.in *.mx.iquotes.in *.ns1.iquotes.in *.whm.iquotes.in
jiantaixiang.cn *.jiantaixiang.cn *.support.jiantaixiang.cn *.wwww.jiantaixiang.cn
kerstins-kerzenwelt.de *.kerstins-kerzenwelt.de
*.m.mktad.com mktad.com *.mktad.com *.ww12.mktad.com
pagislot.biz *.pagislot.biz
parkingatendant.com *.parkingatendant.com
pescabrasil.net *.pescabrasil.net *.ww25.pescabrasil.net
*.hostmaster.questionedisoldi.it *.mail.questionedisoldi.it questionedisoldi.it *.questionedisoldi.it *.reporting.questionedisoldi.it *.w.questionedisoldi.it
rexonspares.co.uk *.rexonspares.co.uk
*.post.simplyofficejobs.co.uk simplyofficejobs.co.uk *.simplyofficejobs.co.uk
*.admin.tunus.it *.dash.tunus.it *.hostmaster.tunus.it *.mx.tunus.it *.supersets.tunus.it tunus.it *.tunus.it
*.hostmaster.vapofi.com vapofi.com *.vapofi.com *.ww25.vapofi.com
*.32.wellsub.com wellsub.com *.wellsub.com
*.sitemaps.xn--fjq449b20i455b.com *.www.xn--fjq449b20i455b.com xn--fjq449b20i455b.com *.xn--fjq449b20i455b.com