Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=nail-pos.zectyr.com
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
December 23, 2025
Valid Until
March 23, 2026
72 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
19:80:55:19:1A:DA:B9:56:0B:29:6B:13:9E:2E:A3:8D:BB:07:1E:7C:74:69:C1:BC:9F:28:D8:65:A8:EE:2C:A4
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
www.hotelsairegency.in
91ilife.com
link.abendgeschichten.de
ankertag.com
link.appreciatewealth.com
privileges.athenas-capital.com
atlanticmetaltechnologies.com
internal.autecla.com.br
www.bcandido.com
www.beatflare.net
appbv.bv.com.br
app.chatbotta.com
www.codebot.jp
www.cumcube.org
coursepmdemo.darklight.club
2014.davidecantelli.it
denik.online
diserve.net
submission.divyarasayan.org
dnidltd.com
dsacsi.com
order.easeyourlife.in
edenlabs.llc
eelammaangalyam.com
emsgen.com
eradat.me
blackstreet.eu.org
evoinsparks.com
clima-test.farmacare.dev
finapoints.com
www.fitclip.jp
ski.flockim.com
fuedle.gg
www.future.rent
gov.gamefp.dev
www.gardenspruce.com
www.getmyfavorites.com
gismatrix.io
golftracker.ie
app.hackin.wiki
hellodataworld.com
care.hipai.in
picking-uat.hotwax.io
hxcure.io
www.ibeck.me
immadusha.me
www.imsoretro.co.uk
infinicube.com
jayjs.org
jenga-agency.com
prakash.juttuka.in
www.kifaministries.org
loantracker.in
www.lymanrentals.ca
playground-admin.m1studio.co
sisyphus.project.mathematikoi.agency
memoriaflashcards.com
mentavit.nl
www.mervix.live
gameportal.missiontopsyche.org
www.myreceipt.co.nz
qrcode.nicbrain.com.br
osaka-ohtani-rinweb.jp
api.pixelbots.io
g1.quesmatic.com
stage.links.rallyreader.com
randysryan.com
advertise.ricebowl.my
goals.rosenpin.io
dev.odr.sama.live
www.signandrun.com
api.skinjuice.com.au
jobdaysleft.sleek.software
mission.staging.spase.io
atdeveloper.swish.nu
techben-crypto.com
testevisual.com.br
vrumble.tesuji.io
www.theaccuratemeasure.com
thesensetech.com
darcstudio.theviewer.io
topclusters.io
api-exhart.tradedash.app
uglyboo.com
uncannyvalley.com.au
unicupos.com
www.upstreamrain.de
app.valoapp.io
sct.devacurl.production.wasabirabbit.com
development.hr.wedevelop.me
wefreelance.net
www.weresilient.com
www.whatis.us
whichplace.io
www.whitehat.org.uk
domanah.yazeedsabil.com
nail-pos.zectyr.com
www.zerahcorp.com
x.zmalltalker.com
zmy.pw
Other domains in certificate