Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=zstore.qa2.restoplus.com
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
October 13, 2025
Valid Until
January 12, 2026
43 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
87:B9:A5:C7:D2:0F:2A:A0:19:8C:48:27:24:B0:76:2E:FF:F2:EE:60:07:F7:EA:2F:32:13:4D:DA:F6:E9:AA:0C
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
prisongothic.com
www.allworkscreensaver.com
www.almeraim.com
amigosecretoonline.com.br
zinzaneafiliados.appshare.com.br
app.aribasadmetlla.com
ashwinkumar.me
www.bateau.dev
links.beautinda.de
hakarifest.bracelit.es
admin-dev.brookesnow.com
cardiogram.me
www.chad.io
mozambique.civicbase.io
www.coalminingstudio.com
tc-steinamrhein.courtly.ch
dev-chkinvnihr.cyberliver.com
www.dasitconsulting.com
www.deparkstad.nl
www.devtrategy.com
dilraj.dev
www.dishshot.com
www.djdcapitalgroup.com
app.doink.com
www.dopomagai.org
link.dronecontrol.co
ds-tech.in
crna.genanes.net
www.golearningsource.com
www.gundo.app
www.hasst.com
www.heircut.com
htake.com
htmlutz.com
test-site2.ignission.site
testnet.irisapp.xyz
iztech.dev
jasnum.pl
ondrej.kuk.la
lp.linx.live
loremio.com
lsyncsolutions.com
www.maderr.com
old.mcinnov.fr
myfirstresume.in
nameless-stud.io
nbusy.com
cpall.originsme.com
blog.ovisly.com
www.oximeeg.com
www.nosinmicrew.pandaartistmanagement.net
patsne.ws
www.pdgorille.com
plgodin.dev
sl-staging.podkite.com
pupper.me
teams.qikbyte.com
qualiassist.com
www.quickrentl.com
rachelherriges.com
rachelpatino.com
ramgendeploy.com
raphaelclinics.com
pbsa.rasameel.com
admin.receps.hr
reizoom.com
zstore.qa2.restoplus.com
www.riztechlabs.com
www.robotic-crowd.com
nc.s3f.sa
scorepro.golf
fbisd.seesomethingsharesomething.com
aff.selly.vn
www.serkaimusic.com
sheepdogandwolf.com
simonlevett.com
link.spaceflow.io
pfp.spooder.xyz
starter-homepage.de
www.swifttechlabs.com
www.systemkontroll.no
tanvirchahal.com
tapotapir.fun
www.staging.taxhelper.dk
af.techdigitalcard.com
tiagoemerick.com
timepasstv.io
tissus-africain.com
torihius.fi
boutique.tribuo.fr
trnty.co.za
saas.usdtify.com
minibus.uvu.kz
vectorsq.com
www.virthis.com
auth.whispark.com
wilsonwid.com
auth.xascore.com
presenca.xptoconsig.com.br
yufeizheng.com
Other domains in certificate