Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=staging.getladda.com
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
October 13, 2025
Valid Until
January 11, 2026
62 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
C2:5E:0E:78:39:CC:68:02:19:43:08:64:80:5E:B7:A6:C7:FE:71:E9:8C:5A:EF:F1:83:8E:CA:83:44:B1:F3:5C
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
kolarcik.cz
a.4kweeks.com
fire.aaabev.hu
aesthetika.app
agrorendement-va.agroptimize.com
blog.anclement.com
arcistudio.com
arjansuri.com
askvikdevelopment.no
auco.pro
av2s.co
axelmry.com
bpmsvietnam.com
gigbuddy.chipcity.net
citizensolutions.co.za
link-pre.tngdigital.com.my
loc.com.sg
app.cortessystem.com
cv-nicolas-marette.fr
www.dariakropacheva.com
dev.districtapps.com
dojodb.com
drjenafernandez.com
energyon.us
farias.design
thenextgen.felixxgroep.nl
footsider.app
for-the-people.ca
g30agent.com
www.galas.fm
gdlestore.com
staging.getladda.com
www.getyourspec.com
globalleasinggroup.com
gscribe.com
ibolt.pl
www.idanschiller.com
mastertest.jeeblynow.com
jupyterwave.com
www.just-lifting.com
bestellen.kingkebab-haus.de
authenticate.knowey.com
koloa.app
kts-analytics.ktsutah.org
gift.labrador.ai
gamepad-latency.lambdasoup.com
test.admin.lawyerconveyance.ca
www.ldnopocno.cz
leadhunter.site
linnea-maja.de
duomdev.londonhydro.com
www.mariusneaga.com
www.martux.cl
mass-dev.com
mayordiesel.com
mehdiparyavi.com
www.melanatedhealthcare.app
momentum-events.co.za
www.monomersoftware.com
www.namasteyindians.com
link-ntw.nibo.com.br
vossloh-dev.omnitwin.com
www.our-deployment.com
palettable.xyz
mas.parkalot.io
ezserv-r-demo.penzigo.net
phlotilla.com
orange.pwa.platformkids.com
premiumleaf.com
programflow.prepa.io
www.profesor-mechaniczny.pl
www.quellcode.in
rachelplante.com
ranweli.com
play.rockpaper.me
www.schlaubi.ch
siddhaprotocol.com
www.simplereverse.ca
skytrustlogistic.com
voiptelecom.speakylink.com
www.speechbuddy.pro
hillcharts.speedledger.net
dacm.staderlabs.com
stage.start7.de
sushimples.com.br
www.sushinamipt.com
sz-consultingllc.com
easybankingportal.techforb.com
temer.pl
sparq.theflux.com
beta.thegatsbyapp.com
app.thesouledstore.com
theunclassified.com
tryiton.info
api.tvbaw.com
view-awesome-table.com
www.portal.voto.vote
vraa.jp
beta.wandb.ai
wherehouse.io
Other domains in certificate