Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=prachyaschool.in
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
September 20, 2025
Valid Until
December 19, 2025
34 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
10:96:58:54:00:1E:12:0A:05:4D:25:84:F8:AC:F9:C8:2B:EE:A6:B4:CA:23:2A:B7:26:BA:2D:30:88:CC:0A:78
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
wavehospitality.ca
oauth.2b2tjb.jp
www.abcdireito.com.br
admin.applestorevm.com
admin.arapp.one
arcxacademy.com
app.aurumti.me
beefpares.com
best-beauty-datsumou.com
bharatmatabookofrecord.com
www.bradshawgurmatschool.com
ambassador-loyalty-web.cbdata.cz
sgp-genic.chance-store.jp
dev.op.clac.io
classbattle.com
clyr.app
toma.cme-tracker.app
app.funzasasa.co.ke
admin.goldpot.distinctmedia.co.zw
dpo.com.ec
newteacher-dev.oneclass.com.tw
tex.thsrc.com.tw
www.craftcoders.app
danyspace.com
fedpolykabo.edu.ng
evg-morgan.fr
vuosikertomus.finavia.fi
fishgotaway.com
fits4days.co.uk
foogal.in
frozenseastudio.com
agencia.fuwork.com.br
app-stag.esl.geopointer.com.br
ghostgt.com.br
giacomorobino.com
grapes-light.app
www.guitar-patterns.com
gutearbeitplus.de
hiveteach.com
daugiai.hocchoi.com
www.honeydewlimeade.com
hyshare.app
help.ibranchrecruiters.com
unitedmartialarts.impactwrap.com
inertianz.co.nz
app.infiniteobjects.com
jansirnekkotilfoods.com
eventos.jefteapps.com
mta-sts.jimbo.io
lasfretes.com.br
www.learnrussiancases.com
puntounolab-performance.lernit.app
www.lewboxing.com
lofficinasorocaba.com.br
mikeandike.mckinney.com
miniagente.com.br
mtgbooth.com
www.nakuk.cz
neatteam1943.com
nms-rx.in
brand-guidelines.novasell.com
imagenfashion.nvgenai.com
orderplz.com
brostokyo.v2.pltfrm.jp
prachyaschool.in
blendmadeleine.order.pulp.eu
global.qitech.digital
tm-prestadores-hml.redfox.dev
www.renegadeape.ca
www.rentbook.com
fivem-assets.risinglife.de
appv1.riskportal.com
dev.app.salaryo.com
sanadsatel.com
www.staging.schedulify.app
captions.dev2.screencastify.com
sgl-services.co.uk
www.sgl-services.co.uk
shooketh.app
dev.sleip.com
auth.somewear.co
southcoastgynaecology.com.au
portal-test.surgiyo.com
www.sutoroxy.com
testing.texel-arts.com
www.toolcentermexico.com
www.townlb.com
trueboo.app
www.open.vietsono.com
admin.vigilproject.app
visacity.com
www.wbwbeer.app
wedon.io
admisiones.weeppy.com
www.westbalboa.com
flyer.windsporttracker.com
winslgg.shop
wjyeop.site
link.youbchat.com
youdam.com
Other domains in certificate