Open
Cached
·
1m ago
77/100
SECURITY SCORE
Certificate Information
Subject
CN=char.zwanedev.xyz
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
September 25, 2025
Valid Until
December 24, 2025
43 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
FE:21:58:74:8B:89:FA:20:7B:70:0D:3C:41:A3:9D:73:65:5E:A4:21:F4:D8:D0:09:3D:BA:4D:1C:CE:F3:2E:9A
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
www.manwey.com
aarolahtinen.com
www.amana.ai
study.ambitionprofile.com
app.automotrizpetersen.cl
avnir-event.com
bilverkstadskovde.se
bladeandhammer.com
www.burke-solutions.com
youtube.calomeal.com
app.v2.dev.casus.ch
events.catchupcalendar.com
fooditis.cateringportal.io
www.chepex.app
cleancoastcomputers.net
myfamilytrip.ynet.co.il
www.codeassist.app
cresc.io
douangtavanh.com
landing.eatrepeat.in
iqacdoc.uem.edu.in
elementalsymmetry.com
eliottabadie.com
www.elizabethschindler.com
www.elusivecar.com
www.em-lab.fr
event-attribution-staging.gassets.emarsys.com
epicpandagames.com
tickets.ethbarcelona.com
www.findflix.com
flyk.me
gazumpd.com
www.gitorg.org
greengagefinance.com
goto.guardians.app
www.hakkidongel.be
halftheopposite.dev
www.hamata.jp
happyzuri.ch
helianthus.io
huamanifernandez.com
www.idesporte.com
ilivou.com
ishinomaki-marine-village.com
www.itmov.com.br
apps.joinsherpa.io
coach-staging.journey.cloud
jw-gas.com
kerenzhou.com
wkst.kioscodeseguros.com
ksanjaya.com
www.kuopionlentoasema.fi
www.lacksautomotive.com
laddercommerce.com
lanubo.net
app.laolivaverde.com
classify.lefty.io
lexflowapp.com
linelesscircle.com
vag-site.livearf.com
loot.com.br
lucaschew.dev
bpss.matrex.in
mattwood.dev
www.mediformtechnology.com
www.moonagilegrowth.com
movement-mixing.com
www.myplanetweb.com
hml.adm.navigatetrip.com.br
message.northsidenissan.ca
transcribe.oneai.com
www.osamailyas.co.uk
panjs.com
pedidodomicilio.es
ordernow.phocafelafayette.com
pinkglitches.com
auth.qupas.id
dairymgmt.rcloud.dev
dev.manager.rendezwine.com
rosvic.com.mx
mta-sts.sandiegomentors.com
betbad.smashtheshuttlecock.info
analytics.spaceknow.com
first.sza.ma
www.tanstaafl.dev
developer.techcora.in
customerportal.thebusnetwork.com
dattcocustomerportal.thebusnetwork.com
dattcodriverportal.thebusnetwork.com
driverportal.thebusnetwork.com
ops-test.thebusnetwork.com
opv2driverportal.thebusnetwork.com
thefaxfree.com
www.treatsderby.org.uk
trueorfalse.app
vimal.im
links.wobbjobs.com
app.yourdoctors.online
zstarproducts.com
char.zwanedev.xyz
Other domains in certificate