Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=www.legexus.com
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
January 26, 2026
Valid Until
April 26, 2026
85 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
83:2D:E4:2B:D1:F7:CD:8B:EC:D6:CE:CF:0E:FA:18:48:73:E6:33:AC:ED:D4:51:5B:97:73:3D:D5:2C:E9:89:5E
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
app.finovers.com
320.dog
ai-shala.com
yazaki.alpwcm.com
www.azashi.dev
www.betaregal.com
vs-admin.caazam.com
carmya.com
cdsmartlinklab.com
www.charmisutariya.com
www.build.cointanda.com
brussels.complementagestion.com
app.conferencecaptioning.com
councilofandrews.com
www.danielledev.co
disko-babel.de
staging.pdv.dito.com.br
www.drycleanerlocator.com
xui0kdwn597ig9q8.easyapp.co
easytip.us
dev.edodsgarage.com
admin.eeaser.com
www.ercharts.com
www.estilingue.co
feed-car.com
www.fight.reviews
fysiotherapie-beetz.nl
govea.tech
grenzmuseum-schirnding.de
1clickauth.gupshup.io
dadjokes.harriscode.dev
docs.helgo.io
hisayasu-juki.jp
www.indianunionmuslimleague.com
www.jalowell.com
www.jfortunatojr.com
www.kangarooedu.net
aff.english.kidsup.net
www.lacasadelchefrancagua.cl
launchctrl.co.za
learn-en.co
www.legexus.com
loveingame.fr
grillus.lupi.delivery
ports.mana-surf.com
www.mbelelebohang.com
memegame.cards
www.mesh-hq.com
future-cities.mettle.studio
www.minimalistinstitute.com
link.morelli.uk
oneclick-apps.com
onlinetagebuch.de
marilou.opatry.net
kadirarslan.org.tr
app.panavizo.com
www.paradisemalahide.com
userstaging.point4more.com
ticketing.portugalfootballsummit.com
beta.predigle.com
genealogy.pringles.net
autoauction.staging.progi.com
proto.software
vito.pueribauer.at
www.purplelabs.dev
v20.quesmatic.com
radardepreco.com
rb-tech.ch
app.rbfx.com
www.redinmx.com
cernerlistformatter.rizzo.co
www.ryeden.com
link.secureserviceform.com
doorbell.servaltek.com
witlens.servaltek.com
shode.dev
pioleagueboisepredictadmin.sqwadhq.com
pioleaguegreatfallspredict.sqwadhq.com
pioleagueidahofallspredict.sqwadhq.com
pioleagueidahofallspredictadmin.sqwadhq.com
pioleaguemissoulapredict.sqwadhq.com
pioleaguemissoulapredictadmin.sqwadhq.com
srikars.dev
starvehiclefilm.com
szombath.com
unencumbered.tallis.dev
taraswalgren.com
tnguyen.dev
travisbowen.dev
cf.api.trellisconnect.com
tss-pj.com
userelish.com
www.vagarshmartirosyan.com
velociraptor.run
www.vevisolutions.com
vpitriangle.com
www.wacharaconcrete.com
wegroov.in
www.wiggs.dev
women-kegel.com
Other domains in certificate