Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=www.thelighthouse101.com
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
January 06, 2026
Valid Until
April 06, 2026
83 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
21:D9:F5:C8:2D:E9:E0:43:2A:54:C8:23:84:2D:DC:94:C4:47:F4:F8:34:F7:A7:FC:F9:CC:0A:48:69:00:6E:69
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
trillmate.com
www.amplifyinghervoice.com
admin-webapp.applogsoft.net
avnet.io
admin.awaio.com
bahaydevelopments.co.uk
bbtools.bbapps.it
bolel.dev
serviceapp.bounce.bike
www.bpa.pro
www.brianlowther.dev
www.canitrustgoogle.com
yasu.clau.io
tonicindex.dataware.dev
felicino.desimone.dev
www.devasoft.in
www.discount-finance.com
www.divpper.com
dosen.beer
www.droptaxiservices.in
auth-firebase.testeapps.eitvcloud.com
archive.audit.elight.com
esiha.net
wordcode.felipenipper.com
fixmytext.pro
www.fld.today
app.formitize.com
www.platform.gamtha.com
bestellen.gyros-bochum.de
hagelandse-ontstoppingsdienst.be
hagestam.com
www.hagestam.com
coffee.halalhbb.dev
facilities-dev.hotwaxsystems.com
job-manager-dev.hotwaxsystems.com
pps.html5.run
icon.inohom.link
jcautobodyva.com
admins.kampaignlive.com
www.kgnrice.com
www.kikashionline.com
dl.kluapp.com
www.korastak.com
lavitacode.com.br
logostudio.fi
lost-monsters.com
macro-logic.com
console.magenhub.com
www.magnoliagardens.in
pluto.mattlongpre.com
wedding.mattlongpre.com
www.mercerelectrical.com
landing.mineyourtime.com
www.mluqmanmoon.com
cms-unikuro.veryal.my.id
firebase.yyyr.nyc.mn
kallakurichi.onewaytaxiwala.com
pmdrtmr.pchvlv.ru
peruliferoleplay.com
verify.auth.pixipass.com
verify.auth.staging.pixipass.com
www.planexrenovations.ca
emosearch.playful.ist
postoakmobility.com
app.progressioncv.com
www.propiedadesdomingofuentes.com
ticket.ra-menda.dev
sso.hom.auth.roit.ai
www.rorisangdomesticworkersandhelpers.co.za
illustrated-galicia.ruralhackers.com
www.sellone.shop
skillrhino.com
www.sonar.fit
www.stavninasvet.com
www.stepspropiedades.cl
storylingo.me
tada.dev
www.taishar.net
www.teracy.link
www.thecallistosolutions.com
www.thelighthouse101.com
ascend.thenextapp.nl
thesimplechemics.de
tiktech.one
namastepilatesstudio.timp.io
pdt.toolbox.plus
www.toomrakennuspalvelut.fi
auth.tourizzy.com
raia-tz.trevior.com
www.tridecalabs.com
tylerhendrickson.me
one-beta.ultroncloud.com
bandguide.usluzi.me
vetriinsights.com
www.vincevahala.com
colorcraftpro.waynetechlab.com
websync-for-notebooklm.com
www.willisra.com
game.yaziki.net
zeneffi.co.jp
Other domains in certificate