Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=internal-manager.loplat.com
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
October 08, 2025
Valid Until
January 06, 2026
56 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
86:5B:FA:71:6A:90:BA:CF:6B:E4:5C:F2:BB:65:5A:40:97:0C:99:5D:8A:13:D6:D1:30:C1:2E:18:2A:A3:66:05
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
cherryfrost.in
demo5.app.1on1navi.com
avisacar.a2system.net
www.abizmo.dev
adventuresofpatoo.ca
aiquizme.com
admin.alexdoumas.dev
alexescorcio.com
aravindputrevu.in
www.arcarigioielli.it
arquants.trading
assuranceski.com
planning.aurelienchevallier.com
user.bewell-benefits.com
www.bluehuelabel.com
brovchenko.dev
www.brusketa.app
inside.cactus.capital
carbonmarketcebu.com
clubhouse.co
damv.dev
admin.designalley.in
brandon.dimcheff.com
www.easy-spesa.it
driver.edible16.org.uk
entrant.educationawards.ie
epic.so
wbfcwf.apps.fao.org
www.faustobdls.dev
paineltabapua.g2canal.com.br
giveupanduseany.com
www.glaze.chat
www.golfsnap.app
grippy-shares-staging.griptonite.io
www.happygast.de
widgetsrgoc.headstart.biz
green-donation.heartfulness.org
www.hochschulinitiative-studienstart.de
homekeeper.app
houll.co.uk
iltrispizzeria.it
islandh2o.inseat.menu
invoice.app
www.jiwonpark.dev
finances.josiezx.dev
www.kaewsamui.com
www.kiasherbrooke.com
ad-adminwebapp.knolskape.com
cconverter.kold.dev
brphone.lhnab.com
www.livebetting.party
vesting.locker-token.com
ops.logivan.com
internal-manager.loplat.com
lucine.cloud
madebygina.se
firebase.mantaexchange.com
mitsuwa-off.jp
forms.mpower.africa
sso.mymagicchat.com
app-staging.myplayer.io
www.nabehide.com
www.nachhilfe-portal.com
app.nathalieodiot.com
cds-apps-harvester-qa.hi5.platform.navify.com
norlist.kz
www.patrickstepanian.io
backend.plazahogar.ar
www.proprietyrealty.com
pscalar.xyz
app.psychofacile.com
questionari.net
ragnarvision.ragnarockgeo.com
restavracijapresa.com
www.saraluk.com
shoppingdeal.fr
iutlh.sizarlabs.com
slme.me
fa.ca.slz.lol
juliaardaya.smartin-hclinicos.com
auditpl-app.speakylink.com
www.spilakassahusid.is
www.starcoenterprise.com
www.startlink.io
dev-cloud.tacx.com
tamarinlabs.com
tanveer-khan.com
thailandcommercial.com
app.beta.conference.thinkbitevents.com
thomaskfisher.com
www.unarchived.org
uroomie.be
www.vedacomputing.com
editor-uat.vennapps.com
console.viggo.com
goagames.whatsscore.com
www.zak-fisher.com
wax.zeptagram.com
link.zmurl.com
gifts.zuberipay.com
Other domains in certificate