Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=live.zoiclabs.io
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
September 29, 2025
Valid Until
December 28, 2025
36 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
21:AC:10:6A:C1:3F:5A:6A:1C:F7:57:90:A1:37:3A:A9:36:55:78:36:92:20:0B:67:98:47:E3:A6:DC:06:57:5D
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
git-hook.randomforest.ee
a.123games.app
report.24seven.pk
adexas.com
www.adindavanderzande.com
anamvr.com
andrearotesi.com
www.asianamericanedu.com
firebase.beatscratch.io
applink.beintl.com
staging.blockchain.bloqadmin.com
www.bridgetunes.com
tinyhomes.builderaitools.com
caguascriollosbsn.com
benjamin.co.in
driver.codedmile.com
cdn.colibridrive.se
mregdemo.worldpos.com.my
movie.fooyee.com.tw
dependableaisolutions.com
d1-myreturns.dpd.co.uk
dynasoft.co.uk
easypizzagja.com.br
esignhealth.org
fornidodev.ng
www.fort-x.tech
lieferschein-wellhausen.galvaswiss.ch
admin.shop.gls-portugal.pt
haithamsalama.com
hibiscus.technology
hifromkate.com
dev-egat.houseofdev.tech
www.kalmarunionen.no
karupatticoffeefranchise.in
kasuga-ac.jp
my-dog.knieszner.pl
preprod-app.kraaft.co
kushalm.xyz
www.laflotechhub.com
landingdevs.online
info.leximancer.com
pocketpal.llm-ventures.com
app.ltlky.online
staging-a.m-t.io
marcolanfranchi.com
bline.mboyz.de
memom.in
michaelmoyles.ie
misasuntos.es
missionmotors.co.nz
mxcxce.com
djikoe.my.id
staging.mycatholic.sg
nathandimmer.com
www.norwoodeveninggardenclub.com
radek-and-flor.novacek.me
moviehome.piticommerce.com
vidzon.pixelnx.com
bestellen.pizzaadam.de
platoz.net
www.plurial-novilia.tv
docs.proofofvalue.co
puppynote.com
www.puppynote.com
quantnx.io
www.quicklyupdate.com
www.qwoach.com
staging.ratality.com
reactriddle.com
stage.roadspot.com
dash.runesoft.dk
www.rvafamilydentalcenter.org
sandapros.com
www.sheboyganderm.net
shwas.org
sigma7-school.jp
www.silmu.dev
chat.smartmation.com
travel.smartpick.tech
spokesafe.app
www.stavideti.com
teabenchfranchise.in
www.terragusta.be
img.the1sanji.com
dispensary1.thesoftwaredispensary.com
admin.townhistory.app
tuitamoband.com
www.uzimsigner.com
verwifi.com
api.vincents.app
vintagepunks.com
www.vishwakarmainteriors.in
www.wallprinted.com
emergency.waterdamage1800.com
www.wnatechlabs.com
yui-con.jp
gravitate.zarinloosli.com
zettabit.it
l.zigg.app
live.zoiclabs.io
Other domains in certificate