SSL Certificate Analysis for quartzbase.com - Security Grade & TLS Configuration

Open Cached · just now

77/100 SECURITY SCORE

Certificate Information

Subject

CN=www.cloismartlift.com

Issuer

C=US, O=Google Trust Services, CN=WR3

Valid From

September 20, 2025

Valid Until

December 19, 2025 33 days

Public Key

RSA 2048 bit Adequate

Signature Algorithm

SHA256-RSA

SHA-256 Fingerprint

51:23:A8:06:54:24:94:AC:6D:BC:D0:7F:2F:6B:6C:94:09:EF:52:28:DA:9C:75:30:B4:AC:16:70:6F:3B:5A:71

Alternative Names

100 domains

Security Configuration

TLS Protocols

TLS 1.2 TLS 1.3

Forward Secrecy

Supported (Modern clients use PFS)

HTTP Security Headers

Status

Strict-Transport-Security

Present

max-age=31556926

Content-Security-Policy

Missing

Not configured

X-Frame-Options

Missing

Not configured

X-Content-Type-Options

Missing

Not configured

Referrer-Policy

Missing

Not configured

Permissions-Policy

Missing

Not configured

Recommendations

• Increase HSTS max-age to at least 1 year and add includeSubDomains
• Add Content-Security-Policy header to prevent XSS attacks
• Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
• Add X-Content-Type-Options: nosniff
• Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
• Consider adding Permissions-Policy to control browser features

CAA Records (Certificate Authority Authorization)

CAA Records

Not Configured (Any CA can issue certificates)

CAA Issues

• No CAA records configured - any CA can issue certificates

Recommendations

• Implement CAA records to restrict which CAs can issue certificates for your domain
• This adds an extra layer of security against unauthorized certificate issuance
• Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
• Consider adding 'iodef' record to receive security incident reports

Subject Alternative Names

100 domains

quartzbase.com

Other domains in certificate

www.affilatenetwork.com

www.affilatenetworks.com

affilliatenetwork.com

afilliatenetwork.com

aijobshunter.com

www.amazonpros.in

en.angula.app

animalnet.app

appthink.com.br

async.studio

www.auto-motor.de

www.shop.avsemprize.com

bamorem.com

api.bamwallet.io

www.bqhflooring.com

business-solutions.tech

www.chalker-pr.com

www.cloismartlift.com

www.creamai.com

www.crosshare.org

darren-choi.com

digitxtra.com

link.dogcat.app

dome-alsancak.com

donnellytech.ca

www.dragomanager.com

www.educationencompassed.com

circleqr.ejastech.com

www.electrisolarpty.com

www.enrollhere.com

eresfit.com

erikschu.com

www.evuapp.com

www.fakescore.com

foirola.com

founderrr.com staging.founderrr.com

freesubtitles.org

frenchngo.com

www.freundevonmelo.com.ar

fruitbythebay.com

uat.funfunspell.com

geothermal-ci.com

jakobdreherei-stg.gocad.de

piano-app.gogogame.com

lnk.hbsaude.com.br

hirstelectricalservices.co.uk

i-revise.com

inabtech.com

www.initium.ai

anr.j4f.jp

staging.jackoftime.com

www.jefafa.com

jessicakhope.com

jeveuxtravailler.com

jonnymacmedia.com

jrwcpatax.com

kaynakkardesler.com

kennyblackprinting.com

kiewic.com

kimiakavanroodi.com

kirksvilleautoworks.com

www.kirktest.com

tic-tac-toe.llewnroc.com

main.mavenai.app

fixed-attributes.mesbro.in

www.missionmanager.app

tabs.mobilenxt.app

modularhousechallenge.com

anti-aging.motus-melior.hr

www.murphysreliablerides.com

neth-ai.com

ninecombinations.com

www.pitted.app

apps.playdayy.com

posthook.io

qromb.com

www.quintessential.fun

re.cards

inventory.reusedtire.com

www.rispectra.com

simplicitymadeeasy.ca

soundstateapp.com

ceolis.speakylink.com lideo-app.speakylink.com tete-a-tete-app.speakylink.com

sponsor-db.com

demo.stratj.app

stringdb.com

takanyo.dev

thetripchat.com

www.wabler.ph

westling.io

wishtag.app

xyfitaiapp.com

yoshi-debug.dev

yxdha2vuaw5n.com