Open
Cached
·
just now
80/100
SECURITY SCORE
Certificate Information
Subject
CN=staff.gebeyax.co.za
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
December 21, 2025
Valid Until
March 21, 2026
85 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
CB:0B:3F:53:4E:65:F7:F7:1B:98:5C:83:9E:E9:20:39:60:BA:0A:57:E7:CD:FC:B9:8C:17:22:79:F9:1E:52:23
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Missing
Not configured
Content-Security-Policy
Basic
script-src; object-src; base-uri; +3 more
script-src 'report-sample' 'nonce-bVU0cVwdWUfWwbs4N5vbUA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/DurableDeepLinkUi/cspreport;worker-src 'self',require-trusted-types-for 'script';report-uri /_/DurableDeepLinkUi/cspreport
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Present
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
Recommendations
- • Add Strict-Transport-Security header with max-age of at least 1 year
- • Improve CSP by adding more specific directives and removing 'unsafe-inline'
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
share.sala.live
findme.28east.co.za
acarnj.com
angularbootcamp.com
qaapp.appshare.com.br
nanonote.aronteh.com
bioly-marketing.arrx.uk
dashboard.staging.audi-on.com
awakening.no
barjar.app
app.bayat-catering.tech
qm.betaroiup.com
www.booksmartservices.co.uk
report.sighthd.bycopilot.com
www.chgams.com
grepify.cobaltic.co.uk
ecobuzing.com.do
coursewright.com
dex.crisalyde.info
app.dancechaos.com
login.doublehelixtracking.com
play.easyarcade.net
test.clasificados.elsoldesanluis.com.mx
estudio-rocca.com.ar
fayrcraft.com
firstaidaw.com
vrznaccounts-ideacloud.forgedx.com
www.foureal-records.com
freedivingcoach.com
www.frogo-ad.com
staff.gebeyax.co.za
admin.geco.ai
www.ginlyai.com
kassandra.goaaa.com
www.happy-clinic.ro
ngochieu202416488.id.vn
adobe-qa.ideacloud.com
improsofttech.com
www.inhouseorders.io
joaoguilherme.dev
joeradman.com
url.joinsherpa.io
invitacionmuestra3.juanmg.com
kripson.dev
leaptutors.co.uk
www.lineararquitetura.com.br
litlablearning.com
family-manager.lochemsoftware.com
snake.lucianiernye.co.uk
www.macasrenata.dev
crm.magiando.it
manati.jp
www.maranchello.com
www.martelliengineering.it
www.avagate.millisite.com
dev-link.mintyscore.com
muttleydoggydaycare.com
niftycannon.app
nishpraya.com
nottinghamcontactless.co.uk
shop.ntabi.kr
www.oasisdigital.com
devfest.gdg.org.ua
www.paistie.com
penningtonroasting.com
peterpanda.cc
app.progressingtogether.com
beta.properate.com
order-staging.pubq.se
bataille.reactdev.fr
analytics.ridedott.com
rishichhabra.com
roadmarcfoundation.org
www.saludbayres.com.ar
robot.sciencecafe.cz
cloud.seekapp.eu
app.sheqintel.com
web.sheqintel.com
app.shopperarmy.com
incident.smokepoint.app
sollylabs.com
help.sulhnu.com
supercolor.sk
iglu.theglobeandmail.ca
thundergame.in
tuneplay.io
adminportal.turtlecreek.ie
www.tuzuapp.com
www.variskindo.xyz
vivianogesben.dk
cdn.ru.voxelmax.com
www.walmartmyhealthjourney.org
warfronttostorefront.com
waterdispensersguide.com
boodschappen.wellink.org
crypto.worldwidewealth.asia
yhamamoto.com
youf.one
www.zoebeggelman.com
ngx-material-kit.zvconsulting.llc
Other domains in certificate