Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=lumentop-staging.fyne.studio
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
October 09, 2025
Valid Until
January 07, 2026
52 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
A9:B9:8C:27:2C:AC:D0:21:0C:8F:61:7D:8B:6A:EF:12:41:13:78:D3:15:0D:AA:92:A8:E8:65:CE:00:8D:F0:1E
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
socaldpa.com
app.143fsl.com
app.297logistics.com
aaweb.ch
staging.alpharoot.com
app.aperio.me
sigma.cao-vo.appdashboard.nl
aviaterobotics.com
bagdadchasegoldminingcompany.com
ekycuat.banexcoin.com
www.bevdb.org
www.blackoutkey.com
boardgameshelf.app
dev.land.boostbiz.ru
bruceackland.com
caata.in
www.shop.cardsearcher.cardbox.sc
www.castodian.de
chrismuzzin.com
cloud-vim.com
kastaraocean.co.id
www.dbracha-law.co.il
puppyprice.co.kr
www.crosslog.life
www.ctlife.us
portfolio.davidgranado.com
doumbouya.dev
jms.easysignage.app
www.edunow.co
tools.el-darto.net
casadodesign.esad.pt
partner.evrochehol.ru
www.doar.fenomenos.org
www.friendlymedianetwork.in
lumentop-staging.fyne.studio
goalyapps.com
beheer.hallovriend.nl
healthid.ai
www.howmanybeds.com
sanglh20225154.id.vn
influencerads.co
inventhor.com
ivanvotti.com
www.jacknutrir.com.br
www.jellylabs.co.uk
josephbiden.vote
www.kilnrpg.com
thisplays2.kiosk-admin.com
konkon.me
kudafreelance.com
www.laberinto.app
www.lahenlvi.fi
sct-dev.da.letsdive.io
www.littleacewedding.com
app.lumin.business
www.massres.work
staging.maxer.io
design-approval-futura.moons.rocks
www.noodl.io
p31.kr
pajor-hodowla-papug.pl
app.pamodigital.co.uk
peetplaat.nl
pensiuneadaciastraja.ro
linktree.pethereum.io
links.podeperguntar.com
prismlux.com
pskhan.com
puregracecleaning.com
speedometer.pwa.run
r-touches.be
rajascafebar.com.br
richardnguyen.rcadvisor.site
www.serveox.com
xintl.skybounddev.com
jamboree.snapmentor.no
www.solidusertest.com
www.starlinkzuela.com
stgdconventschool.com
strydai.run
sunny7.co
www.suryanenergy.in
www.synaptiq.co
thecompendium.cards
console.tilt.rest
staging.console.tilt.rest
www.torche.io
townsoft.jp
bestelling.vakcloud.nl
www.vilano.org
app.engage.dienstek.voyagernetz.us
uat.mis.wegcambodia.com
www.whatproblem.dev
workandrise.com
stage-admin.triple20.xhibithub.com
auth.xyan.dev
scorecard.yardball.co.uk
yodaniel.com
www.onboard.yoyoreact.com.au
www.zoznamzelani.sk
Other domains in certificate