Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=newgestdigital.com
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
December 08, 2025
Valid Until
March 09, 2026
54 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
2A:98:4C:6D:B9:65:42:70:A7:BE:CA:BD:3E:7B:CE:03:07:66:4F:2B:A0:18:06:32:8D:74:43:7C:33:F8:4E:65
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
happa.work
scp-test.3dcloud.io
star.ameliecodes.org
armii.gg
www.asaqal.com
www.avidaso.com
developers.balin.app
sso.betasi.pl
biomimetics.dev
my.blocksignal.app
app.boldo.cl
kirans.co.in
www.constructora.com.uy
www.blog.conomy.app
consultpartners.hu
contentanalytics.io
arcade.creekcoding.com
www.croatiayoga.com
auth.grammarly.cyberhaven.io
www.cybernetex.io
www.dcmanagement.co.uk
zurich.dialdas.com
elmotion.lv
emanueledisaverio.name
www.energysystemrecale.it
www.eyd.dev
www.fell8.io
www.fresh-pets.co.uk
www.harshasachdeva.com
www.headsup.technology
donation.heartfulness.org
hybrids.fm
www.instantbeautyapp.com
sarebimbo.inter.mx
yarb.iolace.com
pwa.joblog24.nl
www.joeyforce.com
www.joshid.co.uk
duurzaamheidslog.katalysatorduravermeer.nl
kishanparmar.in
www.lasi.us
my.logotology.com
headline.mariusclaret.com
app.bpms.maseka.dev
www.matteozarro.com
www.melyespino.com
www.metamaster.nl
empleolectura.metodocharlie.com
mindcore.gr
evaluate.bnm.mobilitymojo.com
muhamadrama.com
mustqbl.me
newgestdigital.com
www.newzik.com
app.noonnownow.com
www.painttheworld.app
paulutsch.de
pos-test.phongvu.vn
steambase.piticommerce.com
leaks.pneumetrix.com
app.poj.es
portaldogado.app
postandshare.in
pribinacik.sk
project-athena.com
www.ptaally.org
reservations.qualityrentalzz.com
video.questlink.app
demo-app.redlineuw.com
saranga.me
scsw.io
www.sesamebagel.sg
shahparth.me
sharpears.de
app.siqball.com
smalllink.in
news.soapandprecede.com
sortme.io
stagebezoekplanner.nl
beta.stava.io
uw2.stefanowatches.com
www.takyon.solutions
demo.edifyin.teamin.in
qr.torroxrental.com
www.travel-n-share.com
crazyindoorbike.turnosweb.app
goodfitness.turnosweb.app
uddum.net
udrive-app.com
unthread.stg.unthread.io
vcsync.app
ve-regrutirame.mk
www.vinayakenterprise.in
showtrip.vranam.cz
www.walterafurman.app
wellplatetracker.com
withlang.app
testing-andreas.wrappr.xyz
www.yieldex.org
mybillpay.zitomedia.net
Other domains in certificate