Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=www.z0.nu
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
December 06, 2025
Valid Until
March 06, 2026
68 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
E1:DD:1F:33:32:CD:03:F5:67:65:70:50:75:C3:2E:72:CE:4F:26:C0:5B:E6:4B:3A:4D:C1:3A:DB:19:99:5C:10
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
askaf.in
www.2tunes.nl
www.abilways-eu.com
www.acquireconveyancing.com.au
advenrius.net
aity.dev
www.apartinator.ro
atlanticenterprises.biz
uat.ayun.ph
app.berpindah.com
blbrokers.com.br
bsotd.app
app.buildmacro.com
retail.bwinners.ls
web.bwinners.ls
calculadoradelubrificantes.com.br
catchthefireitalia.com
firebase.cgeorgiev.com
auth.clickgrub.com
dga-mee.cmatik.app
cosplayfun.ro
www.cosplayfun.ro
www.danielpfinnegan.com
www.datafitness.jp
app.davidboehm.ch
decoarredamenti.com
test.degencoindozer.com
music.denolk.dev
www.derajaipur.com
connect.directify.co
www.dokteroneshot.com
link.doktortakvimi.com
test.dumpster.app
dev.emojipairs.app
ed2cprc.expressdecision2.com
der-spiegel.futureofvoice.com
gastrobar.app
fgts.gbank.com.br
devfest.gdgtashkent.uz
www.hanspaulskestavitelstvi.cz
www.heyyou.it
www.icanhazk8s.com
www.ifinyela.com
stats.iilm.io
www.impacttxtech.com
sige.innovate-gua.com
istandre.com
mia-cms-qa.itxi.aero
jacksonsearthmoving.com.au
www.jccsprts.com
production.jetsyt.com
app.joyrideautos.com
www.juradelight.com
www.l-cockpit.ch
site-dev.lovb.com
link.qaapp.mdrt.org
kiosk.medeintegra.app
presence-stg.minmeeting.com
dev-fb.miselog.net
lavaflow.modality.co.nz
montesrojo.cl
launchpad.msc-mobile.com
musica-linguae.ru
www.myappointments.online
nathanaleman.com
pic-stargamesgermany.mentor.neccton.com
www.nickbdev.com
noahschaub.ch
notslot.com
katarzis.ofirnadav.com
react-boilerplate.orphic.ca
www.parheliongames.com
www.pedakon.fi
perfk.dk
pissarelliautomoveis.com.br
newhouse.piticommerce.com
toycity.piticommerce.com
pixelbros.gr
sandbox.dms.ui.pocketatm.in
dev.pre.do
oud.ratiomonitoring.nl
www.rauchbar-bensberg.de
remontreek.kz
www.seojuneng.com
www.sercroche.com.br
sieuve.com
checkers.sqwadapp.co
sticksofnics.com
sufusku.se
ap-fhzirp.suite-nt.com
www.swahilihub.cloud
photostudio.swift.co
cpanel.texone.app
l.thekredibank.com
www.tippr.eu
vadiim.com
www.valcarce.com.ar
phish-streak.vinnybod.dev
kontaktier.wanke.jetzt
www.z0.nu
Other domains in certificate