Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=www.lumacasa.app
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
January 01, 2026
Valid Until
April 01, 2026
75 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
E2:EC:C2:06:92:EA:27:EB:C3:69:EE:24:2A:24:59:26:A2:FA:AE:17:B6:9C:79:56:F6:D8:E3:F1:56:C9:B9:73
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
juiceme.it
astroteaser.32studio.org
eu.adagiomedical.com
gitaicost.agmo.studio
agoscamino.com
ainxlogic.com
www.alexdoumas.dev
pptrees.anshulg.com
atahan.me
www.automotiondashboard.com
baeckerei-werning.de
devlinks.beautinda.de
deals.bouchardchocolate.com
callerinu.com
charleschang.me
www.churchx.online
app.civa.app
bodhani.co.in
tensionfree.co.in
codisolutions.com
luxapart.com.ua
www.hymns.com.ua
www.creditcards360.ca
admin.darkhorse.cash
dbug.me
beta.dickwadandsprinkles.com
dionz.com
divitsabharwal.info
v2-docs.donwen.com
estimeai.com.br
crm.euracle.com
fantacticstudios.com
app.fundaxi.com
gamingonthe.rocks
shs.ghr-home.com
test-sp-origin.gohenry.com
redirect.hausvalet.ca
inventorycount.hotwax.io
ismelearning.org
jahanvibhuranda.info
jrk-vending.de
www.kalicrackers.in
www.kasper.care
kentek.com.mx
www.kevinfiddick.com
kmremodelingservices.com
top.larval.org
cozygames.lotusaurora.xyz
magicvalley.lotusaurora.xyz
loveyou.jp
www.lumacasa.app
lunitacoin.com
www.mattsbets.com
links.meetnorth.com
michaelmoras.me
www.mindsonglobal.in
ninja-global.in
www.novelitist.com
omkardroptaxi.in
dialect.opare.dev
peripeciasnaestrada.com.br
priscillazanatelli.com
employees.prmfiltration.com
productretouch.com
quizmantra.in
research.rcwmas.com
sankalpms.in
demopivoc.sapiolab.co
sayatme.guide
www.sentry-payments.com
shahbiryani.com
web3.shiur.cloud
shootware.de
www.sikao.com.co
sincerious.com
dev.skilletworks.com
smmisttheresa.org
invite-dev.stockmotion.io
stroll.strollhere.com
app.supost.com
bodakathyyoscar.swan.lat
www.systechdevelopers.com
tanisa.net
taskfront.in
techscope.shop
thinkfuture.shop
www.tim.phd
stg.tino.com.br
www.trmd3.com
samsung.verifiedservicepoint.in
verifiedservicepoint.in
mm.vr-cloud.info
go.wehead.com
whatifz.app
who-unfriend.me
app.wid.qa
william.woodard.us
wyld.global
app.xhibs.com
app.yogachaudsthyacinthe.ca
Other domains in certificate