Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=www.lakshanweerasingha.com
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
November 06, 2025
Valid Until
February 04, 2026
84 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
1D:AA:61:B8:6A:97:89:C6:52:01:98:7B:C3:89:F8:9C:8B:F0:07:4C:96:B6:79:1C:E0:7A:ED:BF:D7:09:2C:16
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
rihlaai.com
1cham.vn
3hoa.com
www.adrianguichard.dev
agendfy.shop
aghadavid.site
www.akashimmigrations.com
www.alephantgroup.com
www.alreadyknow.finance
aurasglobal.com
awesomeagency.me
bildseen.com
biozell.sg
test.cando-solutions.com
casa-estelle.com
www.casaromaneasca.nl
chakrasoft.com
app.chesskid.com
clavierarabe.xyz
app.clivi.com
www.conxme.in
amin.dorost.nl
sanaz.dorost.nl
www.dreamerdot.com
storage.easy-catalog.app
etix.site
feed.sa
fertilizeronline.store
fire-dragon.net
fjordside.pro
gdjz.foodle.su
gengrp.co.za
gitti.gg
glamerald.es
widgetsrm.headstart.biz
www.hebamme-karlsbad.de
webapp.i4we.in
caubancu.id.vn
sondeptrai.id.vn
ijwm.com.au
juzai.org
kokabuve.lv
www.lakshanweerasingha.com
lavendragem.lk
ledesign.team
applink.livebuy.io
lockq.tech
manycarbon.com
memoriam.jp
www.mistro.io
www.mnmlabs.com
muscos.de
mvskiran.dev
pos-stage.mylekha.net
burger-house.nitin.world
auth.occlusia.com
chennai.onewaytaxiwala.com
madurai.onewaytaxiwala.com
vote.moatza-hityash.org.il
ottawamensconference.ca
projectfreedom.xyz
www.propelloai.in
www.rachelreid.co.uk
deals.redsols.us
researchout.com
beta.revcyclone.com
ricgurudwara.org
royal-lodge.com
www.salinasmatias.com
sareestage.com
be-my-valentine-2024.seanburrows.net
dev.securetix.net
sellbelly.com
www.simpli5y.com
layout.simulaton.com
mobile.skyview1.com
spheraus.com
msucowbellrace.sqwadhq.com
unityhsshuffleadmin.sqwadhq.com
srikrishnaglobal.com
www.ssrgroup.net.au
natal.stargazeapp.ru
sudharmasena.com
summa.do
adm.sysdent.net
www.tgcmech.co.uk
thepureplate.in
staging-aprovacao.thumbz.com.br
www.tkdegen.com
u3dcreations.fr
g.una.cl
upsellproductaddons.com
vabby.dev
vmoros.pizza
waynehewitt.co.uk
blog.wedevelop.me
www.wisdomcool-tech.in
rmht.wiselysoftware.com
xleduglobal.com
xpathchecker.com
Other domains in certificate