SSL Certificate Analysis for admindashboard.ztcona.com - Security Grade & TLS Configuration

Open Cached · just now

77/100 SECURITY SCORE

Certificate Information

Subject

CN=tagrate.ishinov.com

Issuer

C=US, O=Google Trust Services, CN=WR3

Valid From

November 25, 2025

Valid Until

February 23, 2026 87 days

Public Key

RSA 2048 bit Adequate

Signature Algorithm

SHA256-RSA

SHA-256 Fingerprint

D5:FB:F9:E0:E3:31:1E:0A:11:F7:23:21:AD:DC:91:21:BA:3A:C8:50:1E:F4:93:8F:E8:AD:DB:F0:9D:A5:2F:D7

Alternative Names

100 domains

Security Configuration

TLS Protocols

TLS 1.2 TLS 1.3

Forward Secrecy

Supported (Modern clients use PFS)

HTTP Security Headers

Status

Strict-Transport-Security

Present

max-age=31556926

Content-Security-Policy

Missing

Not configured

X-Frame-Options

Missing

Not configured

X-Content-Type-Options

Missing

Not configured

Referrer-Policy

Missing

Not configured

Permissions-Policy

Missing

Not configured

Recommendations

• Increase HSTS max-age to at least 1 year and add includeSubDomains
• Add Content-Security-Policy header to prevent XSS attacks
• Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
• Add X-Content-Type-Options: nosniff
• Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
• Consider adding Permissions-Policy to control browser features

CAA Records (Certificate Authority Authorization)

CAA Records

Not Configured (Any CA can issue certificates)

CAA Issues

• No CAA records configured - any CA can issue certificates

Recommendations

• Implement CAA records to restrict which CAs can issue certificates for your domain
• This adds an extra layer of security against unauthorized certificate issuance
• Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
• Consider adding 'iodef' record to receive security incident reports

Subject Alternative Names

100 domains

admindashboard.ztcona.com doctordashboard.ztcona.com hospitaldashboard.ztcona.com

Other domains in certificate

fo.1touchrevolution.com

thd-820-cert.3dcloud.io

meets-dev.acami.io

usertest.accessiway.com

www.adindavanderzande.com

www.aktmodell.rocks

www.aloksi.hu

amcostudio.net

www.angeltech.com

artivistfoundation.org

pac.attf.xyz

www.bucatekel.net

app.cadena.dev

www.cghomes.co.uk

code-pushup.dev

smile-linkhealthcare.com.my

creditoperola.digital

www.crowdform.studio

dentalexcellencehyd.in

share.dexx.au

terminal.doorjames.dev

eis.gg

www.epiphero.com

one.fringe.nl

deals.dev.fultongrace.com

go.gasbuddy.io

creative.gctc.in

gpt.staging.geoanalytics.group

sellersspec.hasotech.com

hotelacaciainn.in

www.instaeats.com

business.inzarys.eu

tagrate.ishinov.com

www.jennabarth.com

www.jgarvidsson.dev

karakaya.co

kipruto.io

korshem.net

senano.lapieza.io

wp.luciaprotocol.com

teste2.lupi.delivery

markdownlivepreview.com

app.milo-ml.com

app.monmenu360.fr

djikoe.my.id

www.mybetterbodyfitness.com

mybitsolutions.in

www.myoptcloud.com

namekeeper.info

live.navkargems.in

www.nimbocrash.com

www.oliblade.com

portal.oryxmovementsolutions.com

www.pairful.com

design.paperstac.com

pawelpaszki.com

mixology.pedromandinga.com

peterbadibake.com

pgccteetimes.com

www.phroob.com

profjosecarlosalvim.com.br

inco.queliga.com

tienda.rappidtech.com

staging.ratality.com

renoveer.ee

undivided-identities.rereeti.org

dash.runesoft.dk

www.saascadetech.com

www.sagasofyore.com

saikripaengineering.com

saleck.fr

shizenpartners.com

menbiz.simplex-erp.com

staff.dev7.skool.sg

so-vera.com

www.solarplus.pro

spacefelt.com

spamonion.com

spheon.com

www.teashopfranchise.in

movie.thanawat.dev

signals.track49.com

treelog.io

query.trevinsmall.com

www.ubiforecast.com

app-enterprise.velauto.com.br

dev.verumai.com

veterinow.it

app.vifil.com

www.vigneshsudhakar.com

ssc.vldzgroup.com

wgora.com

auth.wholeheartedly.xyz

deancollege.wiselysoftware.com

workdaylog.com

fireadmin.x2mobile.net

zooesis.com

Free Cloud Credits

Get free credits to test cloud platforms