Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=pipasycocadas.clau.io
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
December 05, 2025
Valid Until
March 05, 2026
89 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
5D:D0:19:3D:37:F2:89:66:83:B7:EA:70:D2:05:99:76:68:30:F1:BF:67:EE:7C:4C:81:5F:D2:98:25:A8:D4:F5
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
auth.skytowner.com
2019.ng-my.org
2g.no
www.432house.com
abcantrodocovolley.club
abnconsultancy.in
amipissed.com.au
www.apjoex.dev
arthurklattenhoff.com
www.astnw.net
blockstobots.org
boonemassage.com
disco.ccv.brown.edu
butchbuster.com
www.cademicchesscenter.com
calfit.app
matiere.changamuka.com
www.chef-inspiruje.pl
donpan.clau.io
pipasycocadas.clau.io
clean-help.net
cleanease.ca
clesleycode.com
cloudspirit.co.uk
aeon-admin.cmrl.in
bytespark.com.ng
app.criptan.es
www.dannystrinden.com
dice-mate.com
dichev.ai
www.directaffect.net
dumfriesasc.co.uk
admin.eatman.app
menlo.ellipsishealth.net
familyportal.nyc
farport.co
download.flip.delivery
freetime.fitness
garritas.co
www.geisonszo.com.br
auth.getbookify.de
www.grassrootsgov.org
bkeep.hostabee.com
hubertuskorps-holzheim.de
institution.ialumni.com.br
www.ibedo.org
www.au.ihhsfair.com
bermnoi.in.th
demo.inhouseorders.io
vc-manager.irestore.info
www.islandlifeexotics.com
promotions.jeeny.me
joinhype.app
cirebon.kindergym.id
laponi.us
flashcard.littlesyntax.app
deeplinktest.maleficgames.com
www.mdpl.app
test.memaree.nl
morrow.app
new-dashboard.mpower.africa
appdev.muster.io
pic-lottohessen.mentor.neccton.com
www.osition.com
cv.otiskan.com
pericope.app
login.pgslot444.xyz
picsolutions.com.mx
time-tracker.prient.co.uk
subase-admin.pujasweb.co
the-hacksaw.quantumjosh.me
radixbit.in
adesso-staging.recruiting-solutions.org
www.richardscruggs.com
www.s2nventures.net
sandbox.savantpayments.com
saver24.net
screencrab.me
shelterapp.org
landingpage.shotcut.app
amazonses.simon4mnda.com
www.simplywayfoods.com
www.situgate.com
siwoo.club
www.spanndecken-dmb.de
dev2.app.spirinc.com
sportkit.app
member.successmore.com
teamdivis.com
redacc.telecomax.com
topology.thebearlab.com
www.torpalangan.se
afi.turnosweb.app
apf.turnosweb.app
tulukaadidas.turnosweb.app
uvstudio.co
staging-admin.vidocto.com
wearedoronko.org
xapp.xcape.in
www.yellowraytechnologies.com
Other domains in certificate