Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=zwin.boutique
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
October 28, 2025
Valid Until
January 27, 2026
71 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
15:C5:AE:72:FD:59:20:08:E6:C6:5E:E5:3C:31:0B:C6:05:A8:86:7C:E3:AC:58:85:7E:2E:39:CC:89:B9:88:7D
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
www.krassgeil.de
ablejapan.co.jp
abre.casa
acailegaloficial.com.br
rasp-dev.adssets.com
agatestudios.com
www.agatestudios.com
status.agechecker.net
secure.agilius.co
ameergroup.dk
www.aseminar.ru
www.bluntcardz.com
weather.boosters.company
brownstonevintage.com
www.brownstonevintage.com
id.carrot.net
examen.challengehub.lat
chatomel.com
chickenrise.es
cliproject.earth
www.estemed.co.rs
dl.elkenuat.appandus.com.my
www.kindercode.com.my
strumenti.cosmo.studio
dimageviewer.d128.work
myvarriendos.dataprop.cl
propiedadesalbanecich.dataprop.cl
www.dietafodmap.com.br
langen.digitaf.de
www.disuasionfrenteagresion.com
www.doubleaaclassactionsettlement.com
duby.dev
www.ehal-greka.ru
tools.admin.electriphi.dev
cosmictavern.emiebrands.com
www.firegram.ca
gehrmann.org
www.geniusgames.com
ginnyhelsen.co.uk
cdn.boilerplate.giraffeql.com
staging.golden-ratio-united.com
gprr.in
admin-steamhub.idealabkids.com
www.portal.jayurewards.com
diet.jetpackpony.ru
powerkeys.jklm.co.za
www.kaffeekraft.ch
kn-connect.com
www.knutur.at
www.letsoptimize.com
lime-tracker.com
www.livekoora.vip
lowgular.io
pjanoo.marfor.io
www.mascotia.co
mdkaiumhasan.site
www.mdkaiumhasan.site
memorialbidel.de
safira.mercadodaenergia.com.br
www.mindfulhealingappltd.co.uk
app.minpokei.com
staging.mwide.net
www.ulem.my.id
www.navibi.ai
nicolesullivan.xyz
nm-shop.ru
admin.omnicar.io
dash.osfe.art
www.oule.re
pixerus.app
www.pixerus.app
pmcusa.org
pomerlist.com.br
www.pvlscan.com
www.qrew.com.au
rogersmeby.com
www.siddheswaribastralaya.com
webapp.smartacqua.com
alpha-v6.spont.cash
spelling.spot4sale.com
api.storytellingar.com
synthify.io
dev.about.sysmori.com
www.taxisanfelicecirceo.it
texgit.com
web.thisthatapp.com
timer.timesheet.io
ceid.tozny.com
www.travelaffiliatepartners.com
trax.health
www.usui.work
admin.dev.valdera.com
www.vchat.cam
whaletrace.io
www.eldowe.work.gd
www.xoeta.com
xoeta.com
chord.zacklukem.com
zenstudio.it
zwin.boutique
Other domains in certificate