Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=know.nzsapps.com
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
November 05, 2025
Valid Until
February 04, 2026
83 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
40:59:01:5F:68:BE:69:E5:39:9F:EA:05:73:74:45:28:87:4F:E6:83:56:11:23:3A:AD:EF:8D:60:BE:E3:C0:6A
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
decimoapp.it
1cekn.com
gws.5min.co.jp
chat.aivaportal.com
alphaaiservice.com
www.andrei.cc
aquinventures.ltd
arfis.pl
app.arnaud.works
www.as-kosmetolog.pl
link.atrena.net
bengalnewshunt.in
blog.bezuko.com
brain-arcade.io
browncoursescheduler.app
www.brozcal.com
app.clued.id
verifikasi.abigold.co.id
fritzcontroltest.fritz.co.il
solarstorm.co.in
codok.co.uk
nvdetailing.dp.ua
www.dreambigtechnologies.com
kg.droov.io
easyq.in
elitehomessolutions.in
www.enzoft.se
esken.si
trackingapp-stg.esports.cz
app.fanchat.jp
fastfocus.app
vic.geovanecavalcante.com
victoria.geovanecavalcante.com
www.globalkidsgarden.in
goldensparrow.tech
guardian.hael.in
huy-facebook.itepduong202417234.id.vn
nguyentt2417260.id.vn
web.inpunto.la
janweinkauff.de
www.jessicazanardi.com.br
voib.jesusbossa.dev
tarkov.jetpackpony.ru
www.jitatech.com.br
intranet.k-9apps.com
www.dev-intranet.k-9apps.com
compare.krida.space
lancuch.fun
www.liduan.net
www.malahovsky.net
app.maracuyaagencia.com
marianoandsons.com
melange.ltd
miramiscosas.com
eta.mithrilmedia.io
miwaspa.in
mixithub.app
auth.ccs.mymoodbit.com
mysoul.app
nixler.xyz
dev.paciente.nuuphealth.com
know.nzsapps.com
github.pan.dev
parcelwithfriends.com
pinesbracknelltaxi.co.uk
polyverseworkshop.com
www.purplegeo.com
www.pushstack.io
app.qosie.nl
nestle-panela-dev.redfox.dev
www.referaflood.com
rescale.agency
staging-empower.savannahghi.org
pc.sdorica.com
shelfytoon.com
smartrecyclingbin.cloud
soonus.net
www.soonus.net
sparklingreaders.in
qa.validator.stoyco.io
sunriser.xyz
bodacivilsaraviarivera.swanmoments.net
despedidarossygomez.swanmoments.net
www.tecpulse.pe
tekbricks.com
www.thanku.social
www.thehamradiolab.com
www.thenetworktap.net
tiny-triumphs.app
turiyarenovaveis.com
auth.twilight.co
undesigntheredline.com
unimakworkflow.com
varnamala.org
voltcreators.com.br
www.wanaanbahrain.com
whereuapp.xyz
wwinstitutes.org
www.zabira.com
studio.zerostic.com
Other domains in certificate