Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=lalocanda.clau.io
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
November 22, 2025
Valid Until
February 20, 2026
88 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
9D:A5:F3:0A:2B:52:AE:08:2F:EB:94:1B:1A:1C:A2:11:70:07:A9:12:C3:C3:A5:E9:BB:92:28:17:55:33:15:F1
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
moonpyx.com
www.3db.dev
objeditor.3rbehavioralsolutions.com
dpm.nurulfikri.ac.id
aimdigitech.com
www.ambient.alaphd.com
aldridge-gives.aldridge.app
bead16.alignitgames.com
alpinecrew.al
alvish.in
angeltech.com
bradcarson.ca
staging.app.brickwise.at
app.calven-tech.app
gameworld-uat-backoffice.cbdata.sk
lalocanda.clau.io
clearstore.clearobject.com
www.clonebrews.com
control-staging.cmorider.com
cubanitosmifavorito.com
fsdk.customfit.ai
www.dsrlglobal.com
aqua.dukatrack.com
dumpster.app
e-servant.com
eduardorp.com
edumancer.com
startupgrind.eharis.com
links.equipocabo.com
blog.familybringsjoy.com
fokaweather.com
fox-club.by
anniversary.foxcroft.dev
za.uat.gaapunity.app
test.getshoutout.com
dlk.girls2-fc.jp
highefficiencyhousellc.com
presspets.hypervr.games
exam.ibisacademy.in
manage.ibisacademy.in
inparallel.app
isayur.ipiring.com
jornpipop.com
jugendfeuerwehr.app
www.king-coffee.com
kintry.com
www.kirstenschowalter.com
eu.my.linkcard.app
app.maxprofitness.com
www.medoc.in
nebular.methvin.dev
stripe.mindburp.se
mosquiteros-toldos-quito.com
qa.mymedstore.in
sistema.neowifi.mx
www.notebl.com
ai.ojas-labs.com
share.okki.app
one-chat.app
www.one-chat.app
admin.origamiwash.com
www.petler.app
pianolessonssouthampton.com
pierrelamusse.com
plushtoi.com
presenzo.com
www.promotorfreelance.com
quickstarts.net
reefte.ch
b2b.relobase.com
auth.revisionme.com
vizion.salesvizion.com
www.seigospace.com
selfpay.care
sellmyhouse.co.nz
www.sgj-gems.com
www.simonesesana.com
smilecat.dev
sunshineandsweets.com
sunwaydental.ca
nimble.talhahpatelia.com
innovemind.taximet.com
s.teller.jp
money.thomasbutler.com
futbology.tranchant.dev
www.treelog.io
triodesk.in
tuneprefs.com
www.turdsicle.com
www.undarkpixel.com
admin.uricall-dev.com
easygo-core.viteusa.com
chat.vklidu.ai
app.voya.live
bdbe-table.waiterpro.com
webtech-systems.com
whatstarget.com
workandtimemanager.com
www.yigitgrp.com
certifications.zymdev.com
Other domains in certificate