Bro check again… This time actually follow instructions.

Search for LEMMY.SAIK0.COM… Notice it’s not there even though my instance clearly exists and has an SSL cert.

What you’re seeing is certs from over a year ago. You’re seeing domains I registered specifically. eg… not ones I’ve associated with a wildcard.

Next time make sure you’re actually right before you act so confident.

Here’s a list of subdomains that are under a wildcard SSL cert… That will not show up in that list since they were never registered for their own cert and only EVER operated under the wildcard one.

convert.saik0.com
esign.saik0.com
lemmy.saik0.com
wordgame.saik0.com
yt.saik0.com

And there’s plenty more I could point out. But if you follow instructions and actually search, you’ll see that those do exist as accessible subdomains and do not show up in the crt.sh tool.

Edit: LMFAO so you downvoted me… checked my shit and realized that you’re wrong. Deleted your message and kept your downvote in place.

Edit2: For those coming after the fact and maybe not liking my initial tone at the top there. I mirrored the tone they posted in.