Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=lebsa-plus.businesses.ly
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
October 08, 2025
Valid Until
January 06, 2026
54 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
79:8E:EA:18:F3:E4:DF:CA:55:5E:FA:E2:7A:3C:03:50:CB:D1:0B:23:27:8F:38:F3:26:36:00:D5:2D:76:B4:2A
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
snowsafe.at
cremma.agriopages.com
alexandermasud.com
anandakshan.in
mesa.app-quefome.com.br
tutor.appkitpro.com
auth.assemble.inc
bigyna.com
botenkopen.eu
lebsa-plus.businesses.ly
www.campfire-crew.com
carteiracliente.com.br
chemgrams.com
iknowtech.co.in
comein.world
cubaluxuryholidays.com
customersupportaiagents.com
www.eaglepixls.com
enmzxx.com
eplusmoment.com
etalx.com
www.examschoolreview.com
claims.exchange.art
social.feli.page
analytics.festinasweden.com
friendonymos.com
froufe.com
saas.fullstackbigdata.com
hub-client-fisa.gestaotop.com.br
apps.sebastian.ghiveci.com
golfoutfitters.com
app.goskoova.com
www.gracepyoconsulting.com
www.greeningyarrabridges.com
tazkio.greetextai.com
one-budget-allocator.groupone.pl
hnheatingandair.com
imbianchinosiena.it
innovateam.co
itsmartik.com
www.jampad.app
weekplanning.jasongoossens.be
www.jazzassist.com
jbalazer.com
jellymountain.com
joeloeppky.com
joinmeirl.com
karuahgolfclub.com
katrinhers.is
kientaocuocdoi.vn
kinabaluconvention.com
linkbuzz.com
www.livepark.fr
www.lunatraveltech.com
manamahal.com
marryyourpartner.in
mawonelo.com
mayimspa.com
mcstools.top
app.meetingrule.com
merayaapp.com
www.missouri-titan.com
dev.fidelidade.moub.com.br
mr-traveller.com
www.mysteriousgoo.com
www.nahschub.ch
nasirshotdog.com
perfecthtml.com
pokefreak.com
www.powerparadise.se
priafitness.net
www.prog-sol.com
questdecoding.com
garbagecollector.renderbit.com
roboticorp.co
link-stage.sharprank.com
shulalab.com
skybreath.me
slvservice.com
auth.somostera.com
tantu.speech2txt.com
stage0.ai
fleet.stairling.com
stellasmdesign.com
amberleaf-v1.studiossolution.com
talaneo.com
www.tapaw.com
www.thevangoghstudio.com
hs2.time-lapse-systems.co.uk
www.tnbv.nl
pwa-poconos.trueomni.com
www.typekey.io
hps.upwire.com
policies.vezham.com
eslint.vinicunca.dev
ssca.virtuebible.com
landing.vivatv.ca
vivianinc.com
volundrtech.com
walletkope.com.ar
Other domains in certificate