Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=app.ilost.co
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
October 14, 2025
Valid Until
January 12, 2026
61 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
42:65:78:B4:77:C5:4F:A8:49:D1:B2:59:39:6B:69:BD:95:9A:3F:0F:2D:98:DC:03:5F:53:1A:71:E2:94:C0:39
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
assets.ooca.dev
baby.alexandaudrey.com
animatriz.com
static.avada.io
beer-metrics.com
booking.binxly.net
dev.bitmates.io
www.blackcodebook.com
www.blaylock.family
boredgames.app
boris-admin.com
bramnationweb.com
bsico.ca
c911.app
i18n.captag.events
www.chill.events
www.clinicowl.com
clipdate.me
www.cloud-vim.com
agent.suvidhamart.co.in
cyptrip.com
dance-dionysos.gr
decomvo.com
www.deepintellect-ai.com
www.deseopuro.com
dutchtechtips.com
www.ehonnold.com
preview-admin.emporix.io
epicrideweather.com
www.ethershards.com
contact.everbloom.app
fartpower.org
fontmuse.org
www.foodoor.in
app.gescom.nc
gonblu.com
goood-job.com
haeywa.ai
woonpartners-mh.herstelverzoek.nl
sp-auth.ibep-test.com
www.ideal.fund
ieeespx.com
www.ienaga.estate
app.ilost.co
infantojuvenil.uy
admin.stage.infomail.it
ishealth.app
ops.jetline.app
karza.ai
kisystems.com.mx
games.kitsune.com.br
kopilot.live
www.lani.ai
dev.projector.latinfever.app
bibliotheek.lexlibris.nl
altin.lightsdawn.com
manage.likejesus.church
localelections.nz
lotuskalaikoodam.com
lucky-appliances.com
luznuminosa.com
minssapventures.com
mister-tee.com
natashathompson.com
dev.naviguard.co.za
www.neriakatz.com
dev.ngonews4you.com
mtm.nilear.com
omg.ma
oneminutedeveloper.com
www.outfun.app
ovidiu.nl
www.pengelegen.no
www.plusflow.eu
app.prixz.com
profchiweb.com
warrantycar.profender4x4.com
pyfesports.org
quizotoon.in
app.rebentify.com
rust.yokohama
samphelan.dev
courier.shgardi.app
shingen-ai.com
simbahearttravels.com
slateverse.com
survey.smashkarts.io
speed-oh.rocks
sulaiman.dev
www.teamforce.app
thehelloworld.app
www.trigy.com.br
nenga2022.ufotable.app
undef.in
demo2.unitednetwork.ae
portal.vaivuado.com.br
verbalcreativity.de
dash.vkey.dev
weito.app
wimtrader.com
Other domains in certificate