Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=fnqcw2.zgus.com
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
November 26, 2025
Valid Until
February 24, 2026
89 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
69:D7:79:3E:CD:10:87:21:34:11:D1:73:9B:E5:5B:45:BD:84:A3:DF:88:5E:95:57:60:1A:DC:3A:EC:40:82:53
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
zmkelan.ru
www.70kgless.com
dev.adven-share.com
airigo.in
tictactoe.algorithm-net.com
www.alourix.com
carlos2.anyware.software
nh.appsiste.co
atara.uk
dashboard.atlasdot.co.za
tools.ava.glass
cascade.backuptyping.co.uk
jbuild-staging-model-viewer.beerlabs.com.au
bilsnakk.no
portal.bitforce.pe
bluebuilt.ca
bankunion.bracelit.es
auth.roost.brightmind.com
absa.bry-marfaing.com
spin.buyonegram.com
bcvolkswagenoftupelo.carmunity.io
link.coompras.app
probandoando.corntech.com.mx
www.crossroadscenteroffrederick.com
auth.debtsy.xyz
user.debtsy.xyz
www.diagonalimmobiler.com
www.dobermanclimate.io
schoolbase.cadt.edu.kh
seller.fidelizzare.app
painelpalestina.g2canal.com.br
goagile.co.nz
gooddealfireworks.com
by.gregmarine.com
preview.report.gs1it.org
immersed.design
infocore.com.pe
join.iris.finance
student-demo.ischoolconnect.com
japjappanama.com
johninthedark.com
kincei.com
dev.kivando.com
www.lemeai.com.br
omnicdp.linka.com.br
auth.lo-beam.com
www.lucpc.org
www.magichill.rs
www.maglinc.com
menghak.dev
mikemiwha.com
miku.digital
www.mog-design.com
mukherjhor.com
link.rio.my.id
nashod.com
www.neuvays.com
www.nzwheels.co.nz
www.offenerechnungen.ch
orinoqo.nl
super.ovwrstudios.com
p3rkstudios.com
certify.patrol360.dev
app.pinkwing.net
www.prandini.eu
www.qadleanmanufacturing.com
repairbros.in
student.roingapp.com
www.roomierules.com
auth-dev.rubyglint.com
cfw.rxcx.au
www.rxiapps.se
sads.si
samratent.in
midarululumbadan.sch.id
www.seb247.com
showroom-fub-ag.ch
www.solvextion.com
www.souhaib.dev
admin.spartnet.lt
preprod.stairling.com
steelandsigns.com
pmc-sb.suitefeedback.com
portal.texasfirelogix.com
formula-d.teyral.at
wordle.therestinmotion.com
mnml.thinkaliker.com
www.timezonewiz.com
tlvmcpa.um-manu.com
www.unikhealthcare.in
admin.vedantaspain.com
www.vintageautocorp.in
app.engage.rpplaw.voyagernetz.us
www.whatsmyipaddresses.com
willhayworth.com
www.xromm.org
yaale.au
stream.yasb.app
www.zahnarztpraxis-alkayed.de
fnqcw2.zgus.com
Other domains in certificate