Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=apizf.org
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
November 21, 2025
Valid Until
February 19, 2026
81 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
60:00:7D:EA:73:5C:51:49:E1:B7:2E:8E:07:53:D1:CD:81:CD:44:DD:B9:ED:73:3D:4F:83:41:0B:3F:47:11:88
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
www.gbws.net
99ideas.es
www.abrholdings.us
lms.undiknas.ac.id
aevaprecision.com
chrono.agamworks.com
www.agploy.com
dajaj.aljaf.uk
staging.allthemidi.com
uretim.alsancakuniforma.com
grievance.anjaconline.org
www.anzellotti.dev
apizf.org
arraymaker.com
kengowest-panoramashop.bestat-data.com
www.bidaia.travel
www.blackhill.co
share.bokie.com
pray.broox.us
businessriver.businessenergyawards.ie
www.chronoft.com
console.eliteacademy.co.in
opentechbox.co.th
cocoa-pro.com
codigologia.com
ps-internal.codingninjas.com
www.com3it.com
craigwoollard.com
www.cravedin.com
www.crdls.com
www.crral.ca
cryptoassetsystems.com
cyhermes.com
darkhorsegrillandcatering.com
dartagnan.ai
digital-oxygen.co.za
dkyoyoung.com
dox.cl
invite.drorapp.com
dynki.com
www.ericawitcher.com
dev2.mon.espacesalon.ca
qa.farmanager.com.ar
www.friedmanpe.com
fxgrid.zone
galiandleo.com
api.givemycertificate.com
dev.admin.golfcaddiespro.com
greenlightbalance.com
ijatsr.org
infospacesolutions.com
advisor-kpl-stage-8.ischoolconnect.com
cms.kekomo.es
go-experiences.konnektz.com
kreoworld.ai
console.business.kurasub.com
www.leszczynski.me
partner.litmusscan.com
locumotion.co.za
logik41.com.br
www.lucillegames.com
www.lunalitesoftware.com
mcmexpertises.fr
link.ext.moodby.com
app.mymatey.com
ordering.myntapp.io
share.nuitapp.com
oma-conciergerie.corsica
www.oneshoeco.com
onfoco.com
www.online-tutor.co.uk
www.paulinedevine.co.uk
www.paulwhite.codes
go.quranmajeed.net
rameal-nabeeh.com
reachfashionstudio.com
readerschatter.com
www.redlemon.com.br
www.samuelru.com
www.schessa.com
www.seasidemedia1.com
alpha.skullz.city
www.slopedog.com
inscription.smartstock.ma
redboks-pwa.smartvending.cloud
inside.spacemonki.ch
spiritualswordmissions.com
startups.video
wingyip.studiossolution.com
swordfishwp.com
talkhomeapp-firebase.com
instance3.tallyfor.com
www.teamvidiyal.org
tonalify.app
www.torahreaders.com
link.tsylana.com
ulllibertad.turnosweb.app
unit.lease
weareism.org
account-auth.weversedev.io
Other domains in certificate