Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=anniversary.lazy-y.com
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
October 10, 2025
Valid Until
January 08, 2026
45 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
3B:72:1D:DB:3C:2B:B3:B9:FF:B4:76:60:E8:00:3D:72:F6:3B:96:6F:D4:81:30:C5:67:61:75:EA:2C:F3:9D:18
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
www.imperium.llc
www.abhinavbelide.com
aindasomosdois.com
register.alienbrains.in
alphaderivatives.in
dev.app.anki.life
auth.antena1.com.br
www.availabilityfinders.com
bagelrun.fun
bocyprus.net
horarios.bolanos.cr
cardo.in
catche.in
chefsplayground.org
reset-password.clinicalresearch.io
firebase.novum.co.ke
app.cocotalk.jp
codetocareer.in
dev-receipt.colavosalon.com
kiralama.kosifleroto.com.tr
manager.conciergeassistant.net
crops.digital
dark.legal
dolchi.watch
droid-dojo.ninja
edenonearth.ai
empsoft.info
eslo.in
www.findyournextdrink.com
floreiarchitecture.ro
fusteriaclari.es
app.geniusquizzes.com
blog.goutham.org
grazianonegri.it
gtpninja.in
healthpla.net
kiosk.hyunwoo.dev
c2u.instantscripts.com.au
cloud.iot.ax
qdd.itdd.app
kemg316.jokuro.net
jossueazzad.dev
jtjm.org
www.justinluce.com
kalakart.shop
anniversary.lazy-y.com
meet.liveswitch.io
biot.marineeye.lk
markoni.app
mccann.do
midhunkjayan.online
admin.mijndossiervoorjou.nl
www.mogogram.com
hosting.mojofywp.com
www.mypro-sports.com
staging.onlyanimals.com
cuddalore.onlydroptaxi.com
option26.org
order.preprod.leon-de-bruxelles.paymytable.com
www.metoo.pedidomovil.es
ge.pia.jp
beta.prescast.com
psginc.jp
rawatgroup.in
www.riverstone.app
bolt.roadcast.net
my-calendar.sai-labo.co.jp
sajeerzeji.com
www.sans-facon.com
sanveegroup.com
sayit.so
app.semanticworld.com
simedlearn.be
spiderlab.ai
games.spinberry.com
spinkler.at
www.splitstorm.com
gunni.starcraft.is
www.sutchi.com
syujinko-lens.com
talkingcartoons.com
app.teamtoolsapp.com
www.teunkelting.nl
pinda.thinkzambia.org
www.toltopont.eu
www.triggger.site
trinixinteractive.com
mta-sts.truleague.io
tudorpeople.uk
web3-tema-1.ultof.com
console.simulads.stg.ultraimpression.dev
www.usmadesupply.com
recettes.valentin-got.fr
www.w0rm.zip
dev.unit.wec360.com
weroadlegends.it
www.whosonfirstnft.com
www.app.withhaven.com
triple20.xhibithub.com
redirect.zeals.co.jp
Other domains in certificate