Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=app.schoolhub.io
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
January 01, 2026
Valid Until
April 01, 2026
73 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
C8:95:39:30:B8:5A:B9:4F:64:96:A6:6F:EC:C1:17:27:9D:3F:CB:B3:D1:33:51:74:FF:E2:13:22:51:1D:E9:90
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
firesmediaevents.com
www.firesmediaevents.com
a2bworldwide.com
www.aerofreedom.com
afrocoders.com
aidwiseacademy.com
akbarbarvalawala.com
amicsmusicameliana.com
andreayantonio-4everfest.es
dressify.andreikaras.com
qatotem.appshare.com.br
award-matcher.com
awardmatcher.com
www.aylawinters.com
baawebacalar.com
www.beepr.de
www.bertmark.se
bjjscrubber.com
www.bluebird-documentation.com
app.briskine.com
bscarbrough.com
report.carmate.bycopilot.com
calcorbin.com
caylershop.com
root.clickandgo.app
app.climaya.com
cloudinfra.co
app.comicaro.id
share.credo.app
cvelectricinc.com
estimate.definedcleaning.com
www.departamentosnorte.com.ar
devduck.de
devhack.co
www.doggle.app
dogonahorse.com
doormouse.com
edgarchilin.com
elevationhomeimprovement.com
emotipost.com
enliiight.com
www.search.library.ethz.ch
fchapel.com
fencerstats.com
finishlineresultscoaching.com
gerson.cafe
glowpuzzle.co
gmc-advisory.com
gouinguenet.com
hayashi-office.site
tuanhung1426hust.id.vn
refakt.if.ua
jacobdtutor.com
www.joa.live
www.joagames.io
signup.joineconomy.com
joker123angkor.com
m-aij.jombay.com
www.jupiterdistillery.com
kokonut.app
lancehawks.com
madhudvs.xyz
material-sync.com
motiv-dev.mayamd.ai
mctamas.com
www.miettinenyhtiot.fi
mimirarc.com
modelscout.app
motionads.agency
homebox.moveinout.co.uk
fauqiamar.hizbullah.my.id
nhadat61.com
admin.nicespresso.com
www.nidsons.ca
www.olimcc.com
demo.pej.se
www.prashantk.info
present-manager.com
neta-chou.quart.red
jimu.remodela.jp
app.schoolhub.io
order-online.seaotter.cc
ticklist.skitapa.com
slasher.cc
auth.sortpro.ai
stickerlab.ai
theagent.studio
www.theheavenkorea.com
www.tilen.site
apple.timetip.app
www.tomcoomer.app
www.twinleafproperties.com
www.unorater.com
www.vanillarecoveryhub.online
varzimapps.com
vidipa.com
cj.yantralive.com
beta.yopen.app
app.zedbounty.com
www.zestwell.org
Other domains in certificate