Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=polygesta.com
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
October 19, 2025
Valid Until
January 18, 2026
56 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
A7:23:89:80:2C:73:B1:E6:F1:AD:2E:31:40:11:76:BC:42:A1:0A:C4:86:B0:B4:E9:51:75:07:2F:41:E8:CD:C9
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
yfmbase.com
portal.acard.dev
andievandy.com
appfried.com
www.ashleyandjack.com
linoleum-embed.bambuser.com
bcregistry.gov.bc.ca
staging.student.beltstripe.com
www.dev.booze-feed.ca
greemer.brickwise.app
bcc2000pro.my.brinno.com
app.campingcomfort.app
casinopartybookings.com
www.chossonkallah.com
b.cirmena.ch
geliana.co.ke
pwa.explicador.co.mz
ctc-bc.com
cupkit.app
www.cube.danrcohen.com
www.deadcamperyt.com
staging.dentlab.dentdesk.ch
www.dorfielabs.com
easytheory.org
fdistribuidora.edcliente.com.br
kutalent.ku.edu.kw
emailbee.ai
links.emoook.com
redeem.equalista.com
post.eskuvoclassic.hu
euricobergsten.com.br
partner.events6.com
finace.app
flirtstream.app
freshstreet.org
www.garoux.com
invitation.gastronaut.ai
prod-sp-origin.gohenry.com
ss-lookup.staging.gojitsu.com
gpi-code.net
hamzafetuga.com
natural.heartbeat.com.mx
holacampo.com
www.hudsonperdue.com
www.icecool.kz
duyhoctudonghoa.id.vn
collect-coworker-prod.digitalse.ikea.com
dashboard.inclub.site
www.indianepsmachinery.com
pcm-dev.invessed.app
rachel.iterabledemo.com
www.kibbcom.in
kitching.app
legacyline.app
sourcing.linea.lu
presale.lla.ma
admin.malayalihub.com
martinsosic.com
mazdasthyacinthe.com
admin.mbility.app
webview-160.metalogos.site
mupo.app
ndesk.app
neighboredllc.com
admin.notearkiv.no
brrg.obsidianpma.org
onlinewpk.ch
www.parm.app
pechi.at
admin.peems.org
admin-panel.pmcusa.org
polygesta.com
polyglot1000.com
display.populartradelinks.com
powerextract.co.nz
quickfixmaintenance.ae
replylabs.ai
safego.taxi
admin.scandinavianmarkets.com
app.scannerlens.com
seeks.app
dataflow.sellersflow.com
www.soundfactoryschools.com
spellz.speakylink.com
spotforest.com
xcelscavengerhunt.sqwadhq.com
stevning.no
sublimeapplications.tech
sunitienterprises.com
tagezerby.com
www.teleklinik.ch
www.trelliz.ai
trnw.ru
www.vigirat.com
walluxwallcovering.com
wecaredreams.com
youhavethreequestions.com
zarithreads.ai
zesti.app
client.zlatnicesalj.com
Other domains in certificate