Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=edugoo.org
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
October 10, 2025
Valid Until
January 08, 2026
45 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
BA:4B:CF:98:65:97:2A:C8:90:8D:25:4A:49:8C:B7:AE:08:A3:67:EC:CF:6C:F5:EA:3A:C9:D9:AB:16:BA:2D:16
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
hmaruko.datateam.one
dietitiansondemand.3diq.com
www.adelsomelo.com
admin.360.staging.audion.fm
agrosense.io
www.airdosh.co.za
aitech-lab.org
dashboard.appbakery.ch
appsfy.net
app.aquired.io
www.automadraw.com
badshahinus.com
www.barkatgreens.com
admin.biopreva.com
www.mijn.bobdebot.nl
brightsparksbds.com
www.red1.btartisticyoga.com
www.caitchison.com
bookingengine.camping.care
campwatpa.org
centraltec.de
www.cgmanasmitra.in
changepropertymanagement.com
www.chateaudelaroche.eu
cineri.com.mx
reservaja.ejitech.co.mz
app.cognism.org
www.cohostop.com
www.collinpatrickportfolio.com
gestao.conectadamiao.com.br
app.creationstock.com
dailyx4.com
derbyleagues.com
batch-fwk-i.dev-ltl-xpo.com
dilshan.pro
easy-tipp.com
edugoo.org
auth-dev.ehappen.io
erikshort.com
euroventurepartners.eu
everystephurt.com
ezvoltage.ca
link.finm.app
eventmark.fishcode.app
flinn.co
forkbison.com
www.ghdsystem.com
giggleandquill.com
doodleplayground.grifdail.fr
healixir.org
hidden.land
hir.sa
hoichoi.site
dev.homeappter.com
hydralab.org
kernohan.wedding
app.development.kronos-staging.net
lakshmimisthanbhandar.in
app.lefty.io
www.danser-sur-les-tessons.lescartesdelanalyse.net
x.m.works
humantold.medcon.live
myascendant.net
front.onderwijsonline.nl
auth.oppiatestserver.org
cmab.ghanainsurers.org.gh
app-enterprise.overview.one
ozstyle.co.uk
paralacasa.com.br
pethomers.com.br
staging-consumer.pinhome.id
landing.placepy.com
app.r3wind.xyz
apex.rcloudsoft.app
www.rebeccavelez.dev
ketor.rjmgdev.mobi
sarahpyle.xyz
www.search-maps.com
skoghallspizzeria.se
pchtutors.snapmentor.no
lio.sonck.org
www.spiritleddevelopment.com
auth.stackaid.us
david.strauman.net
www.suleiman.co.za
deeplinks-dev-gaming.swifty.global
www.thewiselab.org
thndrbay.thndr.gg
www.timroesner.com
latribu.turnosweb.app
www.ventel.in
messaging.voipo.com
www.wibce.de
app.wordbook.nyc
toolz.wtfast.com
x1resume.com
dlinks-dev.xfarm.ag
yalcinayasli.net
admin.zacharyjbaldwin.com
zupeeapk.shop
Other domains in certificate