Open
Cached
·
just now
78/100
SECURITY SCORE
Certificate Information
Subject
CN=staging.loadcall.com
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
December 24, 2025
Valid Until
March 24, 2026
70 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
AC:36:52:F6:E9:C5:C9:F3:74:11:C7:1D:99:85:D8:32:68:84:10:CF:E9:DD:1D:86:27:8B:A5:A2:E2:35:C0:6C
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Missing
Not configured
Content-Security-Policy
Weak
require-trusted-types-for; report-uri; object-src; +3 more
require-trusted-types-for 'script';report-uri /_/DurableDeepLinkUi/cspreport,script-src 'report-sample' 'nonce-OPSW9azz-dLIdiHi6mzQUg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/DurableDeepLinkUi/cspreport;worker-src 'self'
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Present
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
Recommendations
- • Add Strict-Transport-Security header with max-age of at least 1 year
- • Significantly strengthen CSP directives
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
app.vinota.net
adrianbunge.com
www.aerosolutions.xyz
help.agorify.com
alicyouth.org
nudges.neo.apxor.com
www.arcs.app
easy-hosting.avenya.ch
benmoffatt.co.uk
www.bookameetingroomnow.com
dev-talking-talent.pinsentmasons.cake-lp.com
dev-app.cappitan.org
www.cbuathleticscamps.com
cnclaser.com.au
colejrogers.com
anadoludislaboratuvari.com.tr
commresearchstudy.com
emer-adb.conseq.uk
cookatcasa.com
www.creatorloom.com
davidbrandejs.com
diymechaniclog.com
d1-mydeliveries.dpd.co.uk
developers.dstteam.com
elliot-client.elaitch.dev
englishmentors.co.uk
www.ericzawadski.com
psfd.firepermit.online
admin.firstposter.in
www.fishlab.com.au
beta.fleisure.com
www.forcaplay.com
www.funcla.org
download.getcreativesoftware.dev
auth.staging.greekchapter.com
www.guardsec.in
hagemann-hno.ch
headheart.studio
certforum.integra-icp.com.br
inzzisuites.com
voceclube.dev.portalcliente.izii.io
discere.jnatera.info
johnenkler.com
app.justaskric.com
www.survey.koco19muenchen.de
larkboard.com
staging.loadcall.com
manifestacademylv.org
www.margav.ca
mattkleinrock.com
dev-admin.medstaff.care
flux-demo.mindmilieu.com
app.moomugs.com
www.musicofgoldmine.com
myallmarine.ch
www.ninety180.com
www.nordicdesign.co.za
onparkenergy.com.br
dashboard.onyma.digital
visuals-generator.orbitalize.com
ezuzdental.oz-tms.com
www.padmajagraphics.com
app.pagheplus.it
www.palsinghandsons.com
tropa.patricktingson.com
kaizen-profile-dev7.pbcd.net
staging-rekan.pinhome.id
apps.pixeltreat.com
planzy.net
pooni.in
ppperson.de
demo.inventory.prestoexpress.co.uk
cloud.prima.golf
www.profutura.pronutrilon.com
sandspiel.club
www.sefir.dev
en.setkeeper.com
app.shippio.jp
askdrmoh.sinou.io
www.skafis.com
junior.soka-badminton.org
strewlabs.com
app.sublimetask.com
note.subsys.net
systemverilogeditor.com
www.tasand.net
www.tech-lily.jp
faucet.tezotopia.com
test.theculicon.com
www.thepeepholepeople.com
www.timeshel.co
link.ux-builder.co.uk
viajeslasvillas.com
www.victoryubelt.org
iceat.vidocto.com
vinayc.me
whatwillyoumake.today
app-stage.xitester.com
marketplace.xva.asia
zalih.com
Other domains in certificate