Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=stg-admin.lookrec-staging.work
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
December 23, 2025
Valid Until
March 23, 2026
83 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
8D:A6:89:95:4E:45:B9:CC:8E:9B:21:57:9A:13:EC:97:61:56:FC:D9:E6:DB:26:54:2E:FE:2B:72:2F:7E:09:58
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
angryalliance.org
www.agendy.com.br
allin-th.com
invoicelly.andrekelling.de
argent.to
inqueue.arkerlabs.com
bestpack.cz
i.bjorn.co.za
bocadopixel.com
go.bookmytokens.com
canza.sk
www.casacolibri-ediciones.com
admin.charat-kuji.jp
cheiron.io
driver-app.cleanbox.co.il
smartflyer.co.in
bytetobite.com.my
www.takeoff.com.pk
www.compoundfox.com
crcletas.com
www.datamatchingworks.com
dsd-sam.drammensportsdykkere.no
exploitant.app.dsinstruments.fr
orderonline.eatinn.com.au
karaage.enigmahouse.jp
farm4wrd.tech
fleet-business-demo1.us1.fleet-dev.com
fleet-driver-demo1.us1.fleet-dev.com
fleet-hub-demo1.us1.fleet-dev.com
fleet-operator-demo1.us1.fleet-dev.com
fleet-traveller-demo1.us1.fleet-dev.com
deep-link-test.global66.com
auth.ground.news
admin.guiasfundesa.com.br
cumin-moonstone.harecord-dev.com
www.hunterchildrensclinics.com.au
www.iassystems.com
www.inferdog.com
www.intelihogar.com
dev.intellestate.ca
valeamigo-dev.intelligential.tech
www.istoc.app
projects.jorisp.nl
refer.jpremit.com
jsonmole.com
www.jsonmole.com
www.kabibot.com
tetsukenrally.karakuribooks.com
thythy.kasoft.vn
demo.kint.rocks
www.kyoko-janai.net
laacademiaespanol.com
www.leonari.dev
lexifind.io
reconinfosec.app.limacharlie.io
unilever.logivan.com
stg-admin.lookrec-staging.work
lvilepek.fi
markoni.rs
midknitecreation.com
www.mobilehoopsutah.com
www.moviereal.co.uk
tracer.mtsc-solution.com
myfolio.com.au
duyasticker.nawarika.shop
www.nstuttle.com
openminded.love
pastelight.com
plantatree.live
www.pplan.top
www.psicarlosrocha.com
apps.public-plus.jp
vendor.rakmy-stg.xyz
www.rendersanctum.com
s2pedutech.com
seeyourself.app
www.showguts.com
app.uat.simpleplatform.com.au
siriusokna.sk
www.softuniverse.org
pixis.eganhub.spark-staging.dev
app.spicyaudiobooks.com
meet.studicon.com
redirect.studicon.com
logistics-dev.stylecarousel.com
talentreferralhub.com
taxeedee.com
www.ti-tech.ai
app.timesheet.io
treedom.live
admin.equipment.troop30lr.org
turtledoveinvestments.ng
uckers.app
whisper.vandromme.co.uk
app.walletactivity.com
weaglewash.com
www.webs-support.com
webucate.com.au
yasarahmed.de
www.work-with.yourself.health
Other domains in certificate