Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=auth.zendeavor.net
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
December 21, 2025
Valid Until
March 21, 2026
68 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
2A:FE:42:CD:7A:A9:6D:33:05:EC:55:79:DB:9E:CF:17:49:76:F8:65:7B:DA:57:66:0E:CB:4A:DF:4B:56:47:E1
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
seaube.com
mail.11yearsafter11.nl
2punto8design.com
www.amans-service.de
link.appwow.co
apsnaturals.com
www.calloctech.com
cilantrokittchenandbar.com
trides.com.my
sft.com.pk
sentensplit.coolespace.com
app.craftyourcrew.com
craftyourcrew.com
shoutouts.dev-set.live
dpcyouthup.org
dpksa.net
dreamlin.com
my.easyday.se
erniephillipsportfolio.com
tv-onil-x.euconquisto.com
fahrschule-tiger.de
api-test.fictioneers.co.uk
www.fictionsoftware.com
dashboard.anguard.fidtech.net
multibet-test.gentsys.com
getmegabot.com
partner.goflytta.com
app.gopetey.co.uk
granitedigital.je
link.hellopye.com
mta-sts.hill-billies.nl
holly-transportation.com
iammoriz.com
iplex.inas.ro
www.infocrowdsource.com
inoufy.com
app.inspirescorebuilder.com
insulargames.com
app.kabandu.com
www.karlswims.com
www.kidsuptiengviet.vn
kolabrata.com
app.kupler.in
fii.lead-360.co
likelikeplay.com
loqui.life
app.dev.ls-tech.dev
forms.dev.ls-tech.dev
www.app.dev.ls-tech.dev
www.forms.dev.ls-tech.dev
lumo.dog
californiagrill.lupi.delivery
macrocloud.in
manfredschafft.com
arrowhealth.medwizsolutions.com
mhdpronos.com
www.mhdpronos.com
mikesgripes.com
www.milesonfilm.com
miromigroup.com
www.mobileempires.com
mobitier.com
newtifi.com
www.ning.hu
www.nodalbox.com
www.notiful.co
nxtstride.com
sis.oakwoodfriends.org
www.onixbywellow.com
openfeedback.io
orobyteit.com
ownyourtree.com
patiocomidasgeant.uy
phileasinformatique.fr
procreateweb.xyz
www.psychotherapie.psychomedica.de
www.rafihaque.com
rentsmartproperty.co.uk
www.sam-apps.com
savordi.com
sinmode.com
bi.snapmentor.no
permis.spaq.com
starwayadvisory.com
admin.app.swllearn.com
publishers.app.swllearn.com
tabingo.com
www.taina.wine
www.thepivotsolution.com
thinktanc.co.uk
gagny-patrimoine.toysfilms-interactive.com
www.treadtransportation.com
tripcountdown.trickytreebranchtech.com
tsang.se
www.verify-credit.com
www.w3bytes.com
weshould.run
mediasite.wowdesk.jp
track.yonnaforex.co.uk
auth.zendeavor.net
Other domains in certificate