DNS Gurus
Cached · just now
76/100 SECURITY SCORE

Detected Technologies

See all in URL Inspect 1
Let's Encrypt logo Let's Encrypt Active incidents

Certificate Information

Subject
CN=bayfrontlux.com
Issuer
C=US, O=Let's Encrypt, CN=YR1
Valid From
June 04, 2026
Valid Until
September 02, 2026 74 days
Public Key
RSA 4096 bit Strong
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
D6:A1:EC:4A:A9:A6:C4:B6:B0:DF:8D:09:D1:4D:3F:17:38:98:19:C6:F1:53:8D:1F:24:42:E4:A2:89:42:E6:C3
Alternative Names
90 domains

Security Configuration

TLS Protocols
TLS 1.2 TLS 1.3
Forward Secrecy
Supported (Modern clients use PFS)

HTTP Security Headers

Status
Strict-Transport-Security
Missing
Not configured
Content-Security-Policy
Missing
Not configured Analyze
Content-Security-Policy-Report-Only
Missing
Not configured Analyze
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
  • Add Strict-Transport-Security header with max-age of at least 1 year
  • Add Content-Security-Policy header to prevent XSS attacks
  • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
  • Add X-Content-Type-Options: nosniff
  • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
  • Consider adding Permissions-Policy to control browser features

CAA Records (Certificate Authority Authorization)

CAA Records
Not Configured (Any CA can issue certificates)
CAA Issues
  • No CAA records configured - any CA can issue certificates
Recommendations
  • Implement CAA records to restrict which CAs can issue certificates for your domain
  • This adds an extra layer of security against unauthorized certificate issuance
  • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
  • Consider adding 'iodef' record to receive security incident reports

Subject Alternative Names

90 domains
surgeprotector.it *.surgeprotector.it *.dev.surgeprotector.it *.staging.surgeprotector.it *.stats.surgeprotector.it

Other domains in certificate

1130ylxx301.top *.1130ylxx301.top *.1e144f28f0.1130ylxx301.top
123tiktok.com *.123tiktok.com *.api.123tiktok.com *.dev.123tiktok.com *.login.123tiktok.com *.test.123tiktok.com *.tiara.123tiktok.com
*.access.bayfrontlux.com *.backend.bayfrontlux.com bayfrontlux.com *.bayfrontlux.com *.connect.bayfrontlux.com *.home.bayfrontlux.com *.vdi.bayfrontlux.com
d8gvv.xyz *.d8gvv.xyz *.ww38.d8gvv.xyz
*.32.pakohighqay.online *.cb2w0e31bu.pakohighqay.online pakohighqay.online *.pakohighqay.online *.ww16.pakohighqay.online
*.access.pusuy.com *.adult.pusuy.com *.apps.pusuy.com *.cloud.pusuy.com *.cute.pusuy.com *.cutegirls.pusuy.com *.gateway.pusuy.com *.jnuxp.pusuy.com *.mail.pusuy.com *.midget.pusuy.com *.p.pusuy.com *.portal.pusuy.com pusuy.com *.pusuy.com *.rdp.pusuy.com *.rds.pusuy.com *.rds1.pusuy.com *.rdweb.pusuy.com *.rkluts.pusuy.com *.vpn.pusuy.com
*.937c24b4-d167-4aeb-8ba8-aa0ada88a535.quantumreward.com *.admin.quantumreward.com *.api.quantumreward.com *.app.quantumreward.com *.c65e1984-7f59-461e-9758-c4467938c766.quantumreward.com *.cloud.quantumreward.com *.dev.quantumreward.com *.f942b2c9-830d-4b9d-a91a-a44581e8bf96.quantumreward.com *.latam.quantumreward.com *.m.quantumreward.com quantumreward.com *.quantumreward.com *.rd.quantumreward.com *.rds.quantumreward.com *.rdweb.quantumreward.com *.remote.quantumreward.com *.vpn.quantumreward.com
rx43a8.co *.rx43a8.co *.us49508akv.rx43a8.co *.us49508dkxz.rx43a8.co *.us49508ecbhya.rx43a8.co *.us49508fhwg.rx43a8.co *.us49508gdsj.rx43a8.co *.us49508guxxyz.rx43a8.co *.us49508otmm.rx43a8.co *.us49508pky.rx43a8.co *.us49508rruxv.rx43a8.co *.us49508shj.rx43a8.co *.us49508slx.rx43a8.co *.us49508tcyzd.rx43a8.co *.us49508vaut.rx43a8.co *.us49508wlkdghn.rx43a8.co *.us49508wxmk.rx43a8.co *.us49508xgkrx.rx43a8.co *.us49508yssj.rx43a8.co
workspacegoogle.com *.workspacegoogle.com *.ww25.workspacegoogle.com *.ww6.workspacegoogle.com