Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=igcops.oxlac.com
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
January 05, 2026
Valid Until
April 05, 2026
82 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
D4:2E:40:F1:CB:3D:39:CD:01:FF:FB:87:6F:69:ED:4D:2E:49:92:C0:F6:E6:88:A7:32:F7:FC:91:B7:E3:C5:20
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
gliderlogbook.de
abadiaconstruction.com
alchemyengine.studio
apartmenthera.com
appmargin.com
artistly.in
mybls.belgiumlimousineservices.be
belousoff.ru
bouquetbow.com
l.chikiriki.ru
ssl2.meibo.chowari.jp
ssl2dev.ship.chowari.jp
applink.test-mp.co-op.crs
www.nishantarora.co.in
www.writinginstrument.co.in
codejo.com
www.coreimmersiveacademy.org
cwculinary.net
www.decorostories.online
dicken.dev
dkmsoluciones.com
sistema.eleanplanner.com.br
emailsync.dev
www.feasto.food
app.finalatpl.com
fb-auth.gesfrota.pt
griftor.xyz
gultne.lv
www.hesaplahadi.com
www.iastake.com
phanduchieuvt.id.vn
app.isanku.co.za
ithryv.app
julianabombardelli.com.br
karimagine.fr
www.kishorkhabiyajain.com
kmldn.dev
www.koreavalley.com
kwenaphora.co.za
lilylocks.com
www.lilylocks.com
karten.meindbtbuch.de
www.mhd-almouchafaou.online
www.microgreensmaster.com
store3.kitaro.my.id
mystockshelf.com
cc.nguyenthanhmynotary.vn
www.nishinoyama.net
link.nodalview.com
onewirelessservicesllc.com
hksiia.org.hk
ourreadinglamp.com
igcops.oxlac.com
pantmaster.dk
admintest.pej.se
piswapz.com
www.pladurparamontadores.com
www.proworkbuilders.ca
www.rafgui.com
rajakedia.com
realcappers.com
www.recrubianexus.com
sacredpathretreat.com
www.saisonabo.ch
samuelreeder.com
sanctuary-vr.com
sapuska.com
shiroye.com
cms.test.shoofti.com
www.simplelog3.com
admin.snapvisionary.com
softybytes.com
www.solariotech.com
splinxify.com
star-catch.com
ia.storytellingtest.com
bodacalderonruballo.swanmoments.com
syntropy.fm
www.syntropy.fm
systemiselife.com
rag.tamkin.digital
orcamento.termoclima.pt
www.thealignmentcode.org
theclouddentalstudio.com
thinkaram.com
tiktoktomb.com
titaniumconslt.com
imposters.tolujimoh.com
towtruck661.com
transpolink.net
tretechinc.com
turancanbolat.com
www.underscorepng.com
veilminer.online
vibepadapp.com
villacampagnatrogir.com
waveapp.me
yangxincpa.com
zerocode-devops.com
frame.zzoman.com
Other domains in certificate