Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=www.klare.com
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
September 26, 2025
Valid Until
December 25, 2025
41 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
45:92:CD:C4:8D:18:76:A6:89:A4:0C:3E:FA:ED:DE:1E:37:AF:A7:20:CD:2F:35:49:B9:66:8C:D0:09:05:46:42
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
dataleaper.com
acaciastories.com
www.agataandme.com
demo-integrations.appmixer.com
www.authenticatorplus.com
balin.app
preview.bloky.dev
app.booqio.dev
wed.atlow.co.il
fs-adb.conseq.uk
constanze-ring.de
cruscia.com
www.curtisfriesen.ca
v2.dailytrackr.io
deekshithkulal.me
dierenartsendebrug.be
dishan.de
dnewberry.com
dougliu.com
showcase.ducducnyc.com
pda.vac.e-ceos.com.br
e-filetransfer.com
boostv.easysignage.app
distribuidorafischer.edsys.com.br
elmejorenvio.com.ar
www.estrazioni.eu
www.exchem.de
exploriatravel.com
stg.f2bportfolio.com
festadopai.com
fiestadelpadre.com
finshots.app
gaumenrutscher.de
www.gaumenrutscher.de
gaute.dev
admin.gdgyangon.org
grasshopper.games
www.invisiblematch.com
iqbarber.com
jaysea.org
app.joinombi.com
beachpoop.jonlowrey.com
go-dev.justfarm.app
kalakarguild.in
www.keepsake.band
kelarann-validator.io
www.klare.com
cnk.lfv.jp
link.linckr.com
electronic.liquidcodeify.in
hikool-admin.m1studio.co
www.macangroup.co.uk
mailzone-app.md-test.mailzone.app
firebase.marina-punat.hr
www.mertl-luxury.com
midwicket.org
mkck.nl
financeiro-dev.mobilizei.com.br
www.museuautapinheirobezerra.com.br
www.myclevelandhealthcenter.org
nachodip.dev
onevotelikeyours.com
www.pipelify.ai
www.planetrk.com
www.pravinyoy.com
rustixmanor.com
rxlabz.com
www.saiftech.org
www.sandiegosurfriders.com
santrex.de
demo.schniide.com
scitophia.com
app2.seggac.com
www.shardanabeach.it
veenaadvertising.showitbig.com
simtopup.siamgpstrack.com
sproutworks.ca
www.stare.ro
stage.starkeytelehear.com
cad.svadola.se
bodacruzibanez.swanmoments.net
tdc.tallyfor.com
theworldvoice.org
ludo.tigerstudios.com
tina-ng.com
storybook.togetherplatform.com
www.tourette.agency
www.truemarkusa.com
api.uiclap.com
staging.cms.victoryrx.com
vizarch360.com
www.vizsla.tech
event.wellcome.biz
app.wunschbox.at
www.xkfa.com
contable.yungol.com
zinmk.com
gym.zomans.com
pokequiz.zzxxccvv.com
retro.zzxxccvv.com
Other domains in certificate