Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=www.stockl.io
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
November 19, 2025
Valid Until
February 17, 2026
88 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
CA:2E:6F:1E:32:B4:1E:38:71:45:17:EC:E2:52:E7:DB:DF:A2:FA:39:5A:34:85:17:47:76:9D:7B:71:41:03:9E
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
peekaboo.me
acesr.net
www.alethea.care
alfaga.net
www.allbrightinformation.com
www.alunideas.com
www.demo.amy.app
www.mdm-backoffice.arkerlabs.com
proxy.bridge.arrowhealth.io
rds.avigate.io
bbhoss.io
feedback.beeperlink.com
bettermyloxd.com
test.form.biome-hub.com
www.birshancaraccio.com
bitpoke.io
www.blossom-natural-health.com
prolinks.blujobs.in
links.boligsiden.dk
www.brightanalyst.com
bylevi.me
capsi.net
links.chronos.jobs
assets.cloudlift.app
edihovalot.co.il
sonaroddur.co.in
www.vndts.co.in
www.colwyn.info
4th.cpn-othellonia.com
crescentbulkbrokers.com
www.darshans.me
www.dearmamafilm.com
tippspiel.digu.io
diverswoerden.nl
drsinstitutions.com
portal.telemedicina.drtis.com.br
ehrlichproductores.com
enquityluxllcbrokerage.org
go.filarmonicatresigallo.it
fredzchicks.com
risk.gets.cloud
godrejpropertiez.in
gojoart.com
crisp.handy.la
www.hashgraphdefialliance.org
stg.hodooabc.com
iidx.app
innext.com
www.interiorai.pro
www.jossgitlin.com
kfbsevc.com
ksk-pet.de
nicolas.lehuen.com
bookmarks.lioda.xyz
www.mapyourtravels.us
www.matrixengr.com
www.max-baumpflege.com
misacs2.com
evaluer.mitsubishigranby.com
modoni.cloud
www.mypeoplego.com
mysquads.co.nz
www.nftpowerup.io
ninjacows.net
pokerito.app
powermantra.app
psihovital.ro
www.psychoterapia.blog
store-front.r222dev.com
www.radextds.in
classroom.reevtech.in
excell.reevtech.in
app.remainly.se
www.retailconnect.in
seemsprofessional.com
shenbones.com
www.shopdm.store
sicherlichsicher.com
www.simbatechrev.com
www.simplerio.com
simplykooi.co.za
powder.skiday.app
agent.softpe.in
aquarium.sogafit.net
foundation.v2.somostera.com
www.sordidvibes.com
spellscoders.com
gs.sportz.news
www.stockl.io
accounts.theaterhood.com
babyshower.themckinnons.ca
thewinspire.in
pokards.tidann.dev
apps.tomas-chyly.com
burgos-vr.toysfilms-interactive.com
www.twoonetwosports.com
uss.uveye.co
www.wizork.com
yoga-kailas.com
zylensolutions.com
Other domains in certificate