Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=chat.easygolf.net
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
September 28, 2025
Valid Until
December 27, 2025
35 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
5B:D7:59:EB:9E:EA:5E:39:2A:DB:DD:99:E2:32:60:21:C5:06:F6:BC:51:A1:E4:7D:2B:DA:CE:40:14:F7:BE:4D
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
js-api-doc.ipresso.pl
pzu-u.ipresso.pl
hasta.albert.health
www.allsear.ch
www.artkom.dev
yata.aryan.app
asepsis.com.au
www.attollose.com
benchmarx.ca
slucnancy.deeplinks.bfansports.com
beta.blacksinc.co.uk
www.boisetrailschallenge.com
brian-gesch.com
auth.citizenai.org
web.chinmaypotdar.com-cloud.net
groceries.cortlan.dev
dev.creators.site
www.cyclerovers.com
app.dairygoatmanager.co.uk
diannagomez.com
www.develop.doc.cr
chat.easygolf.net
www.ejzhou.com
www.elitenailspa-acworth.com
explicitidiots.com
share.fasdo.in
prod.fleetseer.com
www.gameofquotes.app
freelancers.getcafex.com
grt-dev.com
creative-demo5.hisy.in
www.hoff.town
hostwriter.app
admin.hoteles.express
www.iastronaut.app
www.jagraciella.com
www.jigri.app
track.justbeat.in
www.kardynski-chf.pl
kidsmove.app
www.laitinen.cloud
app.lead-mapper.com
les-dev.net
www.loyaltt.app
fins-admin.macademy.in
di.schema.magement.com
app.matableauresto.com
handworld.matthewgraham.me
memorigi.app
mightyscape.com
mytree-educfinanceira.com.br
orlandolopez.dev
osyou-create.com
www.app.pakhms.com
peopleclub.co.uk
www.performatrix.in
phantomfx.co.uk
pictureelement.in
www.pixeloceanmedia.com
app.plantia.xyz
www.pranavbadgi.com
action-requests.premier-pump.app
www.projectagenda.com
www.promptinghappiness.com
www.psychologie-maric.at
www.quehacerlaboral.com
mobile-staging.quincus.com
ralmamun.me
tulostaulu.rauhanranta.com
reproducedpapers.org
www.researchout.com
us.revitalair.com
www.sadqajariya.com
seeingaroundcorners.com
bar.sep.dev
seyremy.com
www.shreenik.com
www.sitch.app
staging.app.spirinc.com
www.starlitefilms.com
www.talktoterra.com
combined-iq.tallyfor.com
administrador.taqueriaselpariente.com
tdatdev.software
techiehug.com
telavolt.com
thebedshop.uk
thecodelives.com
trashbackindia.com
www.trovilo.co
turnify.app
triskel.turnosweb.app
www.ventajagenuinavaltra.com.ar
visualize-colorscss.com
www.waterlionfilms.com
waterplanten.nu
woolhouse.uk
www.world-trip-express.com
wowkitchens.in
www.yashithchanuka.com
Other domains in certificate