Open
Cached
·
just now
88/100
SECURITY SCORE
Certificate Information
Subject
CN=pay.manageproperty.io
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
September 24, 2025
Valid Until
December 23, 2025
35 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
2E:98:51:34:45:53:D9:F1:04:32:34:17:60:60:AD:1A:C3:26:82:0F:C9:1A:C5:1F:27:58:78:52:09:75:8A:EF
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31536000
Content-Security-Policy
Good
default-src; connect-src; script-src; +9 more
default-src 'none'; connect-src 'self' *.licdn.com *.linkedin.com cdn.linkedin.oribi.io dpm.demdex.net/id lnkd.demdex.net blob: accounts.google.com/gsi/ linkedin.sc.omtrdc.net/b/ss/ v.clarity.ms/collect *.microsoft.com *.adnxs.com *.tealiumiq.com login.microsoftonline.com bat.bing.com www.google.com google.com adservice.google.com pagead2.googlesyndication.com td.doubleclick.net www.googletagmanager.com www.googleadservices.com ad.doubleclick.net; script-src 'report-sample' 'sha256-th47JTnh6tX15SUn/I+GGmsOSXpa7dh5Skner77gxlY=' 'sha256-SSoodjUD3LGm2FfFCVHGqEb8D4UM3OOigidT2UKDcYg=' 'sha256-cKTgdnmO6+hXd85a9wKg1effVfVzenUAtUCyOKY9bQE=' 'sha256-DwtT8+ZZKpxH9pqZNAmJ3GdbLAh5SsYaXR3omTXPCns=' 'sha256-sV9jZa797T0QWBzcU/CNd4tpBhTnh+TFdLnfjlitl28=' 'sha256-aa/Q8CRBDSqTQbCIyioPhZaz+G+dbPyu7BzsjInEmiU=' 'sha256-THuVhwbXPeTR0HszASqMOnIyxqEgvGyBwSPBKBF/iMc=' 'sha256-zTIusdVJJeXz9+iox2a+pdDglzbpRpFVRzEwvW4AONk=' 'sha256-iC8MPqNLw0FDnsBf4DlSkFLNTwhkI85aouiAEB819ic=' 'sha256-2EqrEvcPzl8c6/TSGVvaVMEe7lg700MAz/te4/3kTYY=' 'sha256-y5uW69VItKj51mcc7UD9qfptDVUqicZL+bItEpvVNDw=' 'sha256-DatsFGoJ8gFkzzxo47Ou76WZ+3QBPOQHtBu9p9b3DhA=' 'sha256-k95cyM8gFgPziZe5VQ2IvJvBUVyd5zFt2CokIUwqdHE=' 'sha256-PyCXNcEkzRWqbiNr087fizmiBBrq9O6GGD8eV3P09Ik=' 'sha256-RFqsjmAF1N5LnfpaHFvPqFlVkeIS/DtTAFor+JjJJVc=' 'sha256-2SQ55Erm3CPCb+k03EpNxU9bdV3XL9TnVTriDs7INZ4=' 'sha256-S/KSPe186K/1B0JEjbIXcCdpB97krdzX05S+dHnQjUs=' 'sha256-9pXOIwF4N0gPltLd3AI69lkCjSC2H/Eb3sc5zdmUyYU=' 'sha256-jou6v/Nleyzoc+LXktAv1Fp8M807dVVxy7E/yzVljHc=' 'sha256-6E4e/3dSvj/8JZT2S2yR91mspqM6MyOpKl5lrhHsZa8=' 'sha256-JfJ82reKxtqugVbfRGw/O/1x1Lm1I09rHueXSwvbRws=' 'sha256-BbV1i75oYRtLtfDWs7tnA8QLF5EOO1dVHKL0prVd/fQ=' 'sha256-3woF8BZ54TeXM+czaH3aXoaJsVpiamuAKFsXDykAR/Q=' 'sha256-vIfNcKb8ixJg1cfJIoNNYjWcm0lezj1/XpUNFiZyVsU=' 'sha256-cLsHUHFgT/VGX04cZrJ9xgm4HbzTR7ptutkxK+7BlMk=' 'sha256-BwU8jMnQYUhjOpsDVABpfddV/DlP1ZYrFcTumYw7x54=' 'sha256-wz6ika9i3WU3bpUPdhYDZeO/NrDQniDyiscN0LWnyaY=' 'sha256-3RIGhhApBii1KY+aW1xk7kFyoQY8vSVE5DfT7E9SJUc=' static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com platform.linkedin.com platform-akam.linkedin.com platform-ecst.linkedin.com platform-azur.linkedin.com snap.licdn.com www.google.com/recaptcha/enterprise.js www.gstatic.com/recaptcha/releases/ merchantpool1.linkedin.com www.googletagmanager.com/gtag/js www.googleadservices.com/pagead/ www.google.com/pagead/ googleads.g.doubleclick.net/pagead/ adservice.google.com/pagead/ pagead2.googlesyndication.com/pagead/ www.googletagmanager.com/gtag/destination merchantpool1.linkedin.com/mdt.js; img-src data: blob: * android-webview-video-poster:; font-src data: *; style-src 'self' 'unsafe-inline' static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com; media-src 'self' *.licdn.com *.lynda.com; worker-src 'self' blob: static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com; frame-src 'self' www.youtube.com/embed/ www.youtube-nocookie.com/embed/ lnkd.demdex.net smartlock.google.com accounts.google.com player.vimeo.com *.linkedin.com www.slideshare.net *.megaphone.fm *.omny.fm *.sounder.fm msit.powerbi.com app.powerbi.com linkedin.github.io *.licdn.com *.adnxs.com acdn.adnxs-simple.com radar.cedexis.com edge-auth.microsoft.com flo.uri.sh play.vidyard.com www.google.com/recaptcha/ *.fls.doubleclick.net www.googletagmanager.com td.doubleclick.net li.protechts.net *.xlgmedia.com *.px-cloud.net merchantpool1.linkedin.com; frame-ancestors 'self' *.www.linkedin.com:*; manifest-src 'self'; report-uri https://www.linkedin.com/security/csp?f=gg
X-Frame-Options
Good
sameorigin
X-Content-Type-Options
Good
nosniff
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Strengthen CSP by removing 'unsafe-eval'
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
oacs.dev
7001.us
www.asq.ro
mobile.axptscout.de
beancountme.com
www.bensjones.me
shitcoin.bitcoincash.social
bundle.blurb.fail
boozygame.com
abhyasa-manage.classet.in
cloud2mg.com
kiosk-client-test2.cleanbox.co.il
sbh.co.il
about-angel.codeforge.com.mx
www.coinoyez.com
technovative.com.pk
covenipuzzle.com
portal.cyberloop.ai
www.decryptogentech.com
demographics.fun
account.deplike.com
q1-depots.dpdlocal.co.uk
ekse.net
eoo.services
dev-portal.eruptr.com
app.evi-e.nl
www.farmresq.com
www.fewlsy.com
www.futureando.com.mx
market.globatalent.com
www.godonew.com
www.golfhandicapp.com
www.helvetica.world
hema.school
www.hexreviews.co.uk
histore.hibot.us
listen.hundredxinc.com
cotacao.icarrosclub.com.br
innovativa.co.uk
itepsi.com
www.jandroid.pl
jonathanportifolio.com.br
www.khushiconsultants.com
test.kovomik.cz
menu.ksites.in
lescontesderabbinahman.com
linaresleon.com
hrdesk.loophealth.com
primaverasabores.lupi.delivery
nom.madhive.com
maheesolutions.in
pay.manageproperty.io
coach.mento.jp
app-euskera.metodoeseyde.com
author.mindengage.net
mohamed-alasmawi.com
fajito.montepiedad.com.mx
soycandidato.mymoons.cl
admin-area.namathutamil.com
customer.onlinepartner.se
links.opersonaldigital.com.br
mapping.orderprinting.com
ourrabbitry.com
app.pacelist.co.uk
app.pank.org
tjx.parkalot.io
www.patrick-hrabos.dev
pedropinedocobo.com
perfectboardgame.com
pete-woods.com
www.podsailor.com
prophecysportz.com
prumpty.com
www.psdhub.org
www.purseev.com
rd.rapiddweller.com
record-planet.com
reportapp.co.uk
app.roas.org
roellmedia-streams.de
my.test.runmyservice.com
gsap-animation-library.rurito0125.dev
sasozakiart.com
year-10.savaslabs.com
shanghai-alice.com
shopyvers.com
shtnkgm.com
silkspryng.com
cloud.telinfy.com
thedannihuang.com
thesacredmessage.com
tru3development.com
vipofficenow.com
vocabulab.xyz
wakoyume.jp
wayo.us
worlddevelopmentfoundation.com
test.app.zakaz.ua
zerti.pro
www.zipurl.io
Other domains in certificate