SSL Certificate Analysis for vizzy.io - Security Grade & TLS Configuration

Open Cached · just now

77/100 SECURITY SCORE

Certificate Information

Subject

CN=guptahitesh.me

Issuer

C=US, O=Google Trust Services, CN=WR3

Valid From

October 06, 2025

Valid Until

January 04, 2026 41 days

Public Key

RSA 2048 bit Adequate

Signature Algorithm

SHA256-RSA

SHA-256 Fingerprint

F7:47:00:10:FE:B9:5A:C0:C2:13:23:35:35:C1:FE:9E:6C:F8:03:69:1A:5E:5A:18:50:F3:67:81:83:FF:D0:03

Alternative Names

100 domains

Security Configuration

TLS Protocols

TLS 1.2 TLS 1.3

Forward Secrecy

Supported (Modern clients use PFS)

HTTP Security Headers

Status

Strict-Transport-Security

Present

max-age=31556926

Content-Security-Policy

Missing

Not configured

X-Frame-Options

Missing

Not configured

X-Content-Type-Options

Missing

Not configured

Referrer-Policy

Missing

Not configured

Permissions-Policy

Missing

Not configured

Recommendations

• Increase HSTS max-age to at least 1 year and add includeSubDomains
• Add Content-Security-Policy header to prevent XSS attacks
• Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
• Add X-Content-Type-Options: nosniff
• Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
• Consider adding Permissions-Policy to control browser features

CAA Records (Certificate Authority Authorization)

CAA Records

Not Configured (Any CA can issue certificates)

CAA Issues

• No CAA records configured - any CA can issue certificates

Recommendations

• Implement CAA records to restrict which CAs can issue certificates for your domain
• This adds an extra layer of security against unauthorized certificate issuance
• Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
• Consider adding 'iodef' record to receive security incident reports

Subject Alternative Names

100 domains

vizzy.io

Other domains in certificate

www.achiratect.com

www.allok.online

app.authentigate.io

ballebaaz.in

admin.bookster.ai

two-factor.boxup.io

www.businessestobrand.com

chema.mx

auth.cloudpagehost.com

admin.3es.co.in

get.hanse.co.ke

codeservices.io

beetit.com.cy

dahegyi.me

dentifydental.in

train.detecht.se

cv.detectorexploraciones.com.mx

killme.devonacid.com

wajeeh.devoratechnology.com

dlknet.net

www.doathing.app

fishbowl2.droov.io

www.edelfall.com

dev-web.everyday.coop

www.eyescholar.com

store-management-development.ezmeals.tw

fitnhealthy.us

www.fourthjdcasa.org

www.fxlink.co.za

admin-dev.getfriday.ai

git.fi

www.gloya.app

firebase.grex.com.br

growvera.app

guptahitesh.me

happ-e-tax.co.za

hikari-fast.jp

console.merchant.infi.us

www.inkdropphoto.com

inprose.se

shop.instantkegs.com

ipgeolocation.app

javascriptuncle.com

firebase.staging.justuno.com

kaigan.st

katieandryan.us

menu.kazandin.net

koiwakoiking.com

kor-ui.com

lalita.vn

preview.admin.listique.com

www.lxbrown.dev

testing-admin.macademy.in

www.macaosoftware.com

app.medtech.africa

mesbro-movies.mesbro.in

www.metriport.ai

mysanguine.com

blog.nicolasong.com

www.nilateams.com

www.nirmalkarthik.com

noblemind.sa

www.nomadradiology.com

www.noredeen.me

v2.widget.pms.sandbox.nowlvble.com

m.perfluence.tech

dev.phaver.it

profintech.in

www.ptrs.app

www.publiko.ph

assets.realdealsweeps.com

lab2sign.removis.jp

www.rentogpt.com

menu.saltsoftware.io

segments.app

servdoc.com.br

sisco.kz

www.smitebase.com

anseong.smsb119.com

contribute.soothingrelaxation.com

dev-at.spork.cloud

streamline-consulting.jp

l.t13.io

portal.tempestapps.io

thackerchangwedding.com

thefedors.com

connect.theopenacademy.org

thesebi.dev

www.thewildcajun.com

prod-friend.tips.sg

tradecitizen.org

auction.tradefor.com

dev.stockloan.velocityclearing.llc

wakanda.community

wdsong.net

weddingring.mn

wheeapp.com

whitebear.asia