Open
Cached
·
just now
80/100
SECURITY SCORE
Certificate Information
Subject
CN=spain.zik.ooo
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
December 08, 2025
Valid Until
March 08, 2026
55 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
6C:3B:62:FC:82:51:5B:D2:18:2E:A4:9B:62:AE:91:60:18:39:27:D9:12:1A:25:99:10:80:66:01:3B:99:E9:36
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Missing
Not configured
Content-Security-Policy
Weak
frame-ancestors
X-Frame-Options
Good
SAMEORIGIN
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Add Strict-Transport-Security header with max-age of at least 1 year
- • Significantly strengthen CSP directives
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
www.simpleclub.nl
acabest.com
link.agriavardguide.se
www.alexwhitehead.me
mobile.allvirtuous.com
alphaunit.com
aminebouarfa.com
asapwa.com.au
members.attentivex.com
lateafternoon.awakening.systems
valuetest.ben.partners
bluesmerize.ch
beta.bodyboon.com
staging.cadreporting.com
app.calypsoapp.co
card.cdong.us
auth.choosetribe.com
socialboost.co.il
dev-book.colavosalon.com
monsrestaurant.com.ph
crral.ca
valet.ddzone.xyz
derektjeerdema.com
dignochurros.com.br
drivify.com.br
app.edelia.sk
static.elegantsoftware.co.uk
auth-stg.flockfinder.co.uk
www.freshlycut.ca
friendsbbqchicago.com
auth.blog-serverless-auth-example.gamliela.com
geoquiz.pl
app.integration.get-and-share.com
participo.iesvjp.es
jeromerequioma.dev
myportfolio.jordanc.fr
www.kavaladatafilters.dev
klfit.co.uk
www.lanceotimo.com
lauraboon.nl
web360.lienzo3d.com
q.makesense.org
massif3d.fr
agentbo.merchantgamewallet.com
michigancaregiving.com
mssdata.works
links.multimap.es
myloverr.com
app.myop.eu
www.neenageorge.com
neuronths.com
dashboard.meine.new.de
static.ny-bankruptcy-attorney.com
ostricher.com
p0shmiami.com
pallettechnologies.co.uk
flex.parkchamp.ca
www.paulinesarkis.com
perpetuawatch.com
petracored.blog
application.pluto.markets
pradeeplabs.com
www.produvarovs.nl
ptb.studio
blog.pumpkinpie-tea.com
qubdesign.ro
readwithphonics.com
renovaenergias.com
renovewellness.com
richjranch.com
rieticket.com
www.sandbvx.com
selego.com
sheylamoraisexclusiva.com
opex-bo.stg.shippio.jp
shobhitsharma.com
gifting.sjc.co.za
socialstepsapp.com
bennersamco.sqwadhq.com
cjvbsamcoadmin.sqwadhq.com
nmsuscramble.sqwadhq.com
shopritesamco.sqwadhq.com
tenczyninfo.com
teneriaibarra.com
admin.staging.terrific.live
themorningcatalyst.com
www.thesophisticatedsip.com
appilpp.aot.to.it
www.tomthu.co.uk
lena.topolko.com
trainingstats.uk
unorater.com
portal.fresh.villageco.io
www.vinkoll.se
sms.vltn.io
vueible.com
pages.wataten5-otanoshimikuji.com
www.waterlatam.com
qa.ypodonin.space
spain.zik.ooo
Other domains in certificate