Every SSL/TLS certificate ever issued for this name, indexed from public CT logs.
| domain | status |
|---|---|
| cs-kickstart.berkeley.educrt.sh Google Trust | expired 10mo ago |
| cs-kickstart.berkeley.educrt.sh Google Trust | expired 10mo ago |
| cs-kickstart.berkeley.educrt.sh Google Trust | expired 1y ago |
| cs-kickstart.berkeley.educrt.sh Google Trust | expired 1y ago |
| cs-kickstart.berkeley.educrt.sh Google Trust | expired 1y ago |
| cs-kickstart.berkeley.educrt.sh Let's Encrypt | expired 1mo ago |
| cs-kickstart.berkeley.educrt.sh Let's Encrypt | expired 1mo ago |
# Python
$ pip install ct-radar
$ ct-radar cs-kickstart.berkeley.edu | httpx -silent# Go
$ go install github.com/imfht/ct-radar-cli/cli@latest
$ ct-radar cs-kickstart.berkeley.edu | nucleiThis page lists every X.509 (SSL/TLS) certificate ever issued for cs-kickstart.berkeley.edu and its subdomains, as recorded in public Certificate Transparency (CT) logs. CT logs are an immutable, append-only record of every certificate issued by participating Certificate Authorities (CAs), as required by the major browsers since 2018.
Subdomain enumeration via CT logs is one of the highest-signal techniques in reconnaissance — every time a TLS certificate is issued, all Subject Alternative Names (SANs) on that certificate become public. Internal and forgotten subdomains regularly show up here days after they're set up.
To monitor cs-kickstart.berkeley.edu for newly-issued certificates in real-time (useful for detecting unauthorized issuance, phishing variants, or shadow IT) add it to your watchlist (Pro plan).