Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=ezcli.com
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
October 09, 2025
Valid Until
January 07, 2026
52 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
3A:A8:4A:3C:7B:9C:FF:60:9C:57:15:86:0B:07:07:10:25:74:0B:4E:06:D9:D3:3E:D2:B2:C8:0A:AE:0F:55:BF
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
robertandallison.in
app.1ludo.in
www.abhishekgoyal.dev
onfact.acs.be
www.actionguitars.co.uk
ksp-app.agreco.tech
www.ajinkyabarve.com
public.andimanieta.com
arvglobalcreations.in
aticoempreendimentos.com.br
2fa.nixt.banpunext.dev
bemsmobilya.com
bupahealthandcare.com.au
www.caargo.mx
www.chatkaustawu.pl
chefsl.ist
import.classicdriver.com
cmedina.dev
conservativesbreakcontracts.ca
portocred2.staging.creditoexpress.com.br
www.cvrlxsguzman.com
cyoptic.tech
dgoc.app
domeniulsarulesti.ro
dunets.xyz
e-scc.click
theiotanetwork.ericliu.dev
www.esgplaybook.app
exzl.dev
ezcli.com
ticket.faktor22.nl
fakturpajak.com
www.festilo.nl
fijo.co.uk
freedom-x.freedom.to
frog32.ch
genwave.xyz
gkh.engineer
glashuset.nu
www.glenridgefaces.org
www.gubolivia.org
suite.hasanuzun.de
links.healo.app
www.idleelem.net
www.joinwana.com
kralj.info
leontec.fi
liuais.com
dynamiclinks.lmk.chat
lorirubenstein.com
www.lugfloen.com
mandmcontractingid.com
www.marketplace.marcofailli.com
www.martinstrauss.id.au
www.oilwellness.company
system.cntc.or.th
pixelbots.io
www.prakriyadesign.in
forms.prolase-medispa.com
psycholog-bialek.pl
stg-card.pay.rakuten.co.jp
auth.realkanazawaestate.jp
reclaimer.app
auth-tuesday.reveliolabs.com
riderepairs.in
www.setsuna.co.uk
shababstyle.shop
www.shababstyle.shop
www.shovelyxe.ca
www.skiklub-oestertal.de
app.snapgen.ai
www.sparkengineer.in
sporepatrol.app
www.streetfriday.com
invitation.sweepy.app
tesla-discount.net
thedatahitchhiker.com
therealvdevelopers.in
www.therealvdevelopers.in
tintingwalis.com
me.tobiasdussmann.cc
hiring.treadtransportation.com
truegis.uz
tsukurude.app
bid.usemason.com
www.vehla.org
vestbytorgetlegesenter.no
auth.vigilantesdosono.com
recordings.virtualpbx.com
invite.vodo.app
www.chatx.vyeron.com
mendes.qa.wallit.app
weissenhof.biz
jujitsu.whiteronin.xyz
app.wifimap.io
app.yadadatrading.com
ybref.fr
ppmechanical.yourjha.com
www.zeusvault.com
www.zubairmd.com
Other domains in certificate