DNS Gurus
Open Cached · just now
77/100 SECURITY SCORE

Certificate Information

Subject
CN=drzisserman-chirurgien-dentiste.fr
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
November 21, 2025
Valid Until
February 19, 2026 87 days
Public Key
RSA 2048 bit Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
6C:07:16:02:E6:FC:F5:5A:FF:70:29:DE:0F:4F:B2:D4:FE:F4:01:E5:5F:6B:58:E0:10:B8:27:93:2F:79:87:EC
Alternative Names
100 domains

Security Configuration

TLS Protocols
TLS 1.2 TLS 1.3
Forward Secrecy
Supported (Modern clients use PFS)

HTTP Security Headers

Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
  • Increase HSTS max-age to at least 1 year and add includeSubDomains
  • Add Content-Security-Policy header to prevent XSS attacks
  • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
  • Add X-Content-Type-Options: nosniff
  • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
  • Consider adding Permissions-Policy to control browser features

CAA Records (Certificate Authority Authorization)

CAA Records
Not Configured (Any CA can issue certificates)
CAA Issues
  • No CAA records configured - any CA can issue certificates
Recommendations
  • Implement CAA records to restrict which CAs can issue certificates for your domain
  • This adds an extra layer of security against unauthorized certificate issuance
  • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
  • Consider adding 'iodef' record to receive security incident reports

Subject Alternative Names

100 domains
ground.lumbung.app

Other domains in certificate

aaxlss.dev
portfolio.abhivatsya.com
alchemydecks.com
alexgastone.com
allmedi-socialmedia.de
appnity.ch
www.audiosavers.store
www.balletschoolwendyschevenels.be
www.bandachapadao.com.br
blades.bookshelf.press
boucherieserignesaliou.com
brightvis.com
cdctecmilenio.mx
cherrydarlingsbakehouse.com.au
www.cianjhan.com
www.clyr.app
www.cnmluxury.com
www.cocometic.com
apis.collegepredictor.ai
prasidhakarki.com.np
www.conyurba.com
www.cosmodental.center
cube60.com
danielgomezu.online
triplewhale.designs46.com
www.devbread.com
dinid.no
pages.donorflow.net
downit.app
drzisserman-chirurgien-dentiste.fr
www.elcajonhistory.org
app.elfinmarket.com
encodecanada.ca
www.enigmata.co.uk
business.enkeldigital.com
developer.staging.entur.org
bcci-trivia-3.fanisko.com
www.firstchoicepos.com
app-dev.fremby.no
im-team.gesund-belastbar.fit
getdatadoxa2.com
w.gigwizer.com
gratin-resort.com
www.hinmantechnology.com
www.hotefy.com
www.immagbox.cz
keyscalefinder.com
admin.kgp2ssindia.in agreements.kgp2ssindia.in
link.kinderspiel.app
kolakow.ski
familytree.labyb.com
www.leonbioingenieria.com.ar
www.lovejulesleather.ca
www.lundberg.guru
qa.marylandisopen.com
middlemo.co
commencement.atlas-apps.mit.edu
manage.dev.mitemma.de
mkzoa.com
mybitcoinprofit.com
qr.candystore.myzeal.app
neuerechte.org
www.dev.openbracket.net
optimaldfs.app
portal.orwi.app
auth.dev.owletcare.com
paranoidtimes.ca
plnk.net
blog.poky.men
con.pranavc.in
beta.profylecard.com
pushrewards.net
ranchmarketrewards.com
eeg.randomquark.com
discover.rideet.com
rovee.app
qa.rsoundtrack.com
rubennp.no
salarysurvey.in
www.scuola-vecchia.com
signtalkapp.info
specialbody.net
www.sphrei.io
site-checker-63e88.studio.design
www.supportplayer.com
trackme.suveechi.com
instance2.tallyfor.com
4s.tapacenter.com
techsfo.com
www.therejuvenist.in
tigerbrandapparel.ca
admin.tomealsoft.com
tostaduriacorcolen.cl
video-meetings.worksup.com
sponsorship.youthstoday.com
schedulerapp.ytinc.net
dashboard.zeeplo.com
zenithexpedites.com