Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=www.zoesever.com
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
November 23, 2025
Valid Until
February 21, 2026
89 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
9F:2F:24:3C:62:3E:EF:39:67:EB:DE:19:F5:ED:36:05:85:72:63:EE:72:95:FC:BD:AB:2B:5B:1A:19:FA:D0:81
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
auth.parentsovercoffee.com
apps.additive-apps.eu
site1.allyable.tech
www.alpha.inc
cms.mustard.appetiserdev.tech
astropremlalit.in
app.billbo.tv
blind-law.org
lite.bytebrew.io
www.camberwellbarbers.co.uk
mystery-word.chrismitchell.name
link.cityrose.app
clcgiving.online
www.codepitcher.io
www.coinflow.money
wearesanpete.column.us
www.pusyapi.com.tr
geosupply.com.tw
takde.staging.admin.convercus.io
csavargo.eu
www.admin.denbaba.be
disten-m.by
gbookshelf.doi-t.net
drilldown.online
mybox.empresti.me
www.equinozio-odv.it
eventagram.jp
app.fangate.info
learn-japanese.fedmich.com
fidosystem.it
www.floatr.net
stage.links.getpigeon.com
goodgriefs.market
scavenger.household.fun
app.hupla.fr
facturas.icsacr.com
jagersbouw.nl
ltvco.jyqiu.me
blobble.kevintonb.com
ket.kletterwald-darmstadt.de
koderoom.in
www.lagos-toolkit.com
le-panier.net
loyalcoffee.io
www.lscarlsonlaw.com
lukekraus.me
www.massage-arizona.com
www.massagespaandsalons.org
www.cambridge.mathematic.org
upgrade.migolink.com
greendate.minlabz.com
go.mvtfitnessapp.com
www.myhomeyours.com.br
agent.namasteyindians.com
www.ondrejpolach.cz
www.onedrunkchef.com
palhana.com
www.paraguitarra.com
sushibao.pedidomovil.es
phishphans.com
duaa.youvas.placeholder.tn
gwt.plume.co.uk
spogram.plusclass-sports-incubation.co.jp
prosellerteam.com
app.proxyhunter.io
renovocolchoes.com.br
webarch.revox.io
www.rfbcevents.com
www.riversidesnursinghome.co.za
rollsocial.app
dl.roolz.net
ropedog.link
premiervastu.runi.in
rwm.salon
s-tronix.com
safeguardmedix.com
www.safeguardmedix.com
shivinassetsmanagement.com
logg.skyteruta.no
www.speisekarte.cafe
f.stageme.live
dev.strato.in
xvsofiadeleon.swanmoments.com
bodacristinaymikey.swanmoments.lat
targetliterature.in
teamservicedelgarda.it
www.tecnetics.in
bingo.games.tetherstudios.com
www.thecreativecompany.in
www.themodnar.com
files.tx-learn.net
www.usfundz.com
www.vinedev.io
www.ww-bau.com
wwich.app
xurlabs.com
yenzatech.co.za
yozoranikotoba.com
www.zoesever.com
mmos.zone.id
Other domains in certificate