DNS Gurus
Open Cached · just now
74/100 SECURITY SCORE

Certificate Information

Subject
CN=status.prizm.site
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
September 05, 2025
Valid Until
December 04, 2025 7 days
Public Key
RSA 2048 bit Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
E7:BA:C5:A3:FE:6C:12:3D:FB:89:BA:ED:3E:63:1E:78:24:37:E5:E0:7C:9D:04:BA:21:0E:8C:F6:08:BB:7F:0A
Alternative Names
100 domains

Security Configuration

TLS Protocols
TLS 1.2 TLS 1.3
Forward Secrecy
Supported (Modern clients use PFS)

HTTP Security Headers

Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
  • Increase HSTS max-age to at least 1 year and add includeSubDomains
  • Add Content-Security-Policy header to prevent XSS attacks
  • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
  • Add X-Content-Type-Options: nosniff
  • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
  • Consider adding Permissions-Policy to control browser features

CAA Records (Certificate Authority Authorization)

CAA Records
Not Configured (Any CA can issue certificates)
CAA Issues
  • No CAA records configured - any CA can issue certificates
Recommendations
  • Implement CAA records to restrict which CAs can issue certificates for your domain
  • This adds an extra layer of security against unauthorized certificate issuance
  • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
  • Consider adding 'iodef' record to receive security incident reports

Subject Alternative Names

100 domains
www.lab.submary.com

Other domains in certificate

addium.io
dev.links.aestheticsmap.com
www.aitiate.com
www.akstudioz.com
finance-log.andrewsk.com
anorahble.com
astrodiseno.com
crm.dev.beeoclock.com
benzenker.me
bernavemutlu.com
www.bertmark.se
blackstarheroes.com
www.buildonvolkswagen.com
bumingcuan.xyz
cfpsim.com
cfpsimulator.com
www.coinsmebol.com
creativemindsthinkalike.org
recrutement.daamtu.com
www.denicucina.com
digiglowtech.in
ditchyourcards.com
dltfred.com
admin.domality.com
drmrapp.com
www.east-calgary.com
edtxts.com
videdit.esterinity.com
dev.fleettap.com
app.flikko.com
www.gohomely.com
hername.app
www.hoftsoft.com
hotappsnearby.com
hrvendurance.com
infohk.net
app.investcomposer.com
code.iplugn.com
www.itagindia.com
italianwineeducator.com
ivrphones.in
jarvisqr.xyz
books.joecks.dev
juliaandtom.us
crm.justlorry.com
www.kesscode.com
vc.kingiftcard.com
laboratorioleac.com
dev.lms.leaderland.academy
lilpilchuckcreek.org
mahimarao.com
maxolsl.com
showcase-en.mazeout.dk
www.md2site.com
medicalconverters.net
medrock.ai
www.michaelreza.com
midnightsolutions.in
migsvapps.com
mikkohaapanen.com
mobl-rash.shop
mutualguadalupana.org
nomedsgn.com
www.nowcare4u.com
auth.o-key.ai
www.odinn.app
orionvisuals.in
p23systems.net
apiexplorer.pan.dev
patronscan.uk
pokercave.no
polako.app
status.prizm.site
projection-lab.com
neta-chou.quart.red
jimu.remodela.jp
rizzy.ai
app.salsklogist.ru
sampann.net
scdc.app
play.scoorly.se
merchant.scriptbox.ca
setonhillathleticscamps.com
www.staging.sharekey.com
www.silviamatesicluxury.com
speedstudentxerox.in
nibiru.swapfast.app
syangs.fyi
team-poker.app
tennico.app
tokisbackyard.com
nocturnal.tournament.gg
www.uww-th.com
vetspire.com
www.whendidtylerlastshithimself.com
auth.wokwi.com
wordleer.com
rc1.1-mockup.zerothreat.dev
www.zivocs.com