Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=www.lokationagent.com
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
January 24, 2026
Valid Until
April 24, 2026
81 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
B0:D0:F0:3D:06:E4:AA:11:C3:E2:BB:06:23:D8:6C:6C:D6:11:AC:76:4D:E8:DD:57:7B:38:BD:23:A2:1C:65:60
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
app.ligosports.com
website.11yearsafter11.nl
kaku.180d.jp
www.aldrenet.com
allonesun.org
developer.docs.alumio.com
mallorca.ardent-training.com
www.bikers-sharegarage.com
bqbl.futbol
brightertomorrow.com.au
butikasistan.com
www.carevalet.com
carseekeu.com
chouchousoft.com
www.clashbasepedia.com
app.fizzy.co.id
gudbud.co.in
coderexploder.com
events.coditas.com
staging.collegelistpro.com
archive.covidredandblue.com
app.darrochmedical.com
discoverlumora.com
www.drtriumph.com
portal.dynamu.co
educrope.edu.np
tech.enjizha.com
logos.ept911.com
www.ericdetjen.com
exciterfashion.com
repuestos.fain.es
app.faxguardian.com
felicityconnect.com
keyboardv2-admin.figmentresearch.com
www.fingermanga.com
www.fire-edit.com
kubeit.flairtechno.com
accounts.flywheel.autos
fronterasky.com
gearless-solutions.com
dashboard.getorda.com
app.go-live.uk
gungo.dev
hllwrd.dev
www.igotcho.com
iipvapi.com
queue-coworker-prod.digitalse.ikea.com
jfortunatojr.com
www.joelogs.com
bgreview.joll05.dev
www.kidskops.com
auth.kkomaweb.com
utnogales.lapieza.io
dev.estates.leasera.com
liebowitz.me
www.localiq.app
www.lokationagent.com
bahakel.madhive.com
my.mindsum.app
www.mohyaghoub.com
moniruzzamanrony.dev
morsenode.com
app.mymovesmatterapi.com
accounts-test.myplayer.io
noride.net
odeacura.com.br
rateboard.onehypernet.dev
unifcvhomolog.orchestra4edu.com
go.staging.paybird.app
pdc-interiors.com
pooptune.com
www.quantummep.com
ryandoe.com
ryanheadley.net
supplier.salesnavsplit.com
sanatmente.com.co
admin.shreelakshmicabs.com
www.siingenieria.com
www.skycthr.com
slatestack.io
snapcaster.net
www.sonnos.com.au
www.sonrisatattoo.com
www.stephanietuerk.net
storylikemine.com
www.sunnydayscoffee.com
sgbal2023.swingtoplaces.com
bryan.tangleapps.com
devplay.taptapwin.co
web.thedrobe.com
hallinta.tolapp.fi
members.vacationsforyou.com
villa-onyra.com
violinstringprices.com
test.visualtourbuilder.com
dev1.wattlogic.com
matsreferral.xeoscript.com
xp-eng.com
nossagente.yesmkt.net
moments.ylsideas.co
Other domains in certificate