Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=www.lootlot.com
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
November 25, 2025
Valid Until
February 23, 2026
75 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
B4:FA:83:A6:9B:22:E9:5F:B2:58:ED:74:B8:1E:C1:16:95:A9:83:2B:15:43:79:3A:C7:8D:89:C4:51:E7:47:DF
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
www.kevinvunguyen.com
www.1hvm.nl
www.abhishekmalpani.com
hotmail.secure.accountlogin.us
www.adzmap.com
admin.afroup.com
smartbar.aodocs-staging.com
fl-demo.art-ie.eu
training.asiapacificforum.net
sub.auto-voicing.com
www.axiom.hu
tryout.brettk.dev
community.caddmicrosystems.com
casadelvoltosanto.it
www.charcha.xyz
www.cipheria.pro
clapcampus.kr
solutionai.co.kr
www.powerconnect.co.kr
sos.rakyat.com.my
www.globemart.com.pk
www.comfortlab.ru
cookiesandcode.co.za
link.cosmile-info.eu
www.derwandi.ae
doll.fashion
www.eurobreeder.com
app.extracta.ai
stage.fetelist.com
www.financeskillstraining.ie
tour.foodforthepoor.org
fxministry.com
docs.gestaltor.com
staz.goedenacht.app
bridge.gojiswap.exchange
iacrm.pro
samsungkorea.onsite.invue-live.com
apps-sandbox.joinsherpa.io
projects.joshid.co.uk
www.josiahbutcher.com
www.letstalkcoach.nl
lifeinthe.uk
jp8937349.linycv19yoyaku.com
lizziegasson.com
www.lootlot.com
maaser.money
marketingdeafiliados.info
www.matimbaenergy.co.za
market.medialocal.com
micaros.eu
nanoflick.com
www.neatnumbers.com.au
www.neijt.nl
mint.zdanowski.net.pl
beta.verity.news.net.au
v2.onemilliontweetmap.com
www.ontheroadagain.app
www.opiskelija-asunnotpori.fi
inmap.org.br
app.itp.org.in
admin.pamit.co.uk
www.pettanko.sexy
www.peugeot-foret.com
klamaifairoo.phonlamuangdee.com
sagarakaryabersama.pixby.id
app.pixietag.me
link.endpointsecure.play.pl
checkout.poap.xyz
www.possibl.ai
escapedb.pp.ua
promocionjj93.com
puja.eu
apperviti.rawdata.es
qr.repark.ninja
au1.oms.resbutler.com
terezija.rocola.es
www.sponsorenlauf.rr-by2.de
scobooster.com
sdmusicgroup.com
soulless.cc
stroller.app
console.suflerapp.ru
www.supercolor.sk
core.svolme.net
app.sweetorderbump.com
taylorclarksoftware.com
mijn-test.tm.toegang.org
travelpud.com
vacci-pass.com
www.vimigaa.com
texte.wanke.jetzt
www.waplat.com
www.waterfoil.com
www.webhost.au
www.welldeliveryprocess.com
language.wesamabadi.com
westfieldpreservationalliance.org
lmnp.wishcompta.com
admin.wl.team
wrong2learn.com
Other domains in certificate