Open
Cached
·
just now
80/100
SECURITY SCORE
Certificate Information
Subject
CN=www.cloudmall-uk.com
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
September 23, 2025
Valid Until
December 23, 2025
32 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
FF:1A:E7:1E:E6:F2:A0:F0:40:33:68:4F:46:9A:C3:B1:31:03:96:46:0C:61:D6:C7:6C:B3:64:A7:CF:2C:E1:04
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Excellent
max-age=31556926; includeSubDomains; preload
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
michellelee.tw
meltec1on1.app.1on1navi.com
2.uro.gda.pl
2018.devfest.gdgpisa.it
3awda.site
publisher.adgenticplatform.com
akasa-s3-booking-json.akasa.lk
alguemmeperguntou.com.br
demo.artanalyst.ai
www.authorbeacon.com
aykaryapi.com
family-church.beholdit.pt
www.birdbirdtap.com
logviewdev.bitspl.it
demo-falcon.bluewhale.kr
www.brainsderby.com
candy-land.co.za
www.chronovault.app
admin.cipomo.it
cismacore.com
clarifi.us
www.cloudmall-uk.com
mg.haiidev.co.kr
www.combay.co.th
condominder.com
dallasandgioschicken.uk
staging.connect-platform.dataggo.com
dentzay.com
www.diegoflassa.dev
digitizeme.com
www.dminsnetwork.com
video.dn2me.com
drivesphere.org
dullatinfrastructuresquarepvtltd.com
duque.bar
www.duque.bar
enthubit.com
escalapraelas.com.br
estimatesmaker.com
ferrymarroc.com
link-sbx.fintecture.com
notification.forja.cc
academicum-renewal.geddy.com.br
identity.getyourguide.com
admin.glorified.io
www.gojskoj.se
edoc.moj.gov.kh
hitchcock-farms.com
hockeystats.dk
indesigngraphics.com
ads.jajas.in
www.jamesdavidpresents.com
jasperreddin.com
joa.live
jupiterdistillery.com
justdrinkbinge.com
admin.kofkantechnologies.com
www.kriegst-du-hin-mit-uns.de
app.lazzard.ru
www.lbs-im-landkreis-esslingen.de
loviai.ro
www.loviai.ro
megon.com.br
milantoursandtravels.com
myinsights-app.mobilemarketresearch.com
tuneleap.mobopro.site
vaningen.demo.movello.se
www.nelsonvilela.com
www.nhadatdlk.com
thiepcuoi.nhungmagnus.com
omarcarpinteyro.com
ona.vc
www.onn.software
taskflow.onyekachi.dev
www.payflow.co.za
polvo.site
rdorid3012.in
regionalhockey.com
athlete.resilience-ppe.com
bitra.run.place
dashboard.searchhammer.com
meeting.solva.ar
staging.somarity.com
dev.studyspace.io
www.svelta.com.br
www.teamskillevolution.com
www.tecwebdesign360.com
tiles.tfx.is
www.thaiharmonie-erding.de
portal.thebhawanigroup.com
rabopreso.turkowloko.com
www.turnoclase.com
urbanproduce.co.za
valuepath.co.za
vitoneto.com
www.vitoneto.com
wayve.live
www.wiingaard.xyz
www.wiltshire-global.com
zaga-in.com
Other domains in certificate