Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=manchester.education
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
October 07, 2025
Valid Until
January 05, 2026
53 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
01:84:32:D3:4B:B4:4E:ED:54:5B:84:6E:4A:2F:FC:F2:A2:D9:37:E8:FD:42:E5:5A:FE:92:1E:C8:0D:05:C2:78
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
www.getlegume.com
101hillcrestdr.com
dev.dashboard.claimconnect.4-sure.net
sms.adxsdk.com
music.alfonsov.com
firebase.arice.in
bikeandbyte.com
ms.blsm.ca
side-job.bonk321.com
botanycoempresas.es
www.clintgoodman.com
groupit.co.il
app.continua.ai
convert4me.com
corespeq.com
app.dashwaste.co.za
blog.daudr.me
cloud.dazlab.io
app.digiqc.com
www.dramorak.dev
dev.e-carre.ch
easemymanuscript.com
ekoinstal3d.pl
www.emailcenter.cloud
itsthe.endfor.us
factotumcs.eu
www.fexmembbs.com
fleur.dev
gainings.dev
ads.gasco.cl
portal.getboostar.com
globalgreenssolar.ca
cms.godate.me
policies.goegonetwork.com
www.granica.io
test.grungyballs.com
www.happyspoon.app
api.hyperseed.com
jacoby.world
javatheory.net
toni.kusnandar.dev
lecoinduprof.com
vr.lettucegrow.com
www.leukprogrammeren.nl
linkh.in
linktoremember.in
magiclink.in
manchester.education
beta.masvivo.tv
policymanager.matawanadc.com
www.mathew-mullen.com
matkosetnik.com
albums.mattb.io
projectfire.mattholliday.dev
melinaleiaadilagic.com
app.minibareshoteles.com
evaluate.retail.failte-ireland.mobilitymojo.com
facilicomforms.moreapp.com
mrjoegilbert.com
beta.mycheftool.com
www.naanrolls.de
www.oksi.app
auth.oldmapsonline.org
orchardgame.com
ourhappyspace.in
ezserv-r.penzigo.net
pianolessonsbradford.com
pixelplate.de
www.pixz.io
plr-website.com
poemstudios.com
pragmaticreview.pl
app.relectrify.com
atlas-cms.rockproject.eu
www.saler.nu
soteam.app
lt-apis.terra.staderlabs.com
auth.stamybooking.com
systam.mx
www.tabaholic.ca
inventory.terkwood.farm
course.tomotech.vn
chipin-account.trackdmusic.com
www.trament.in
www.tre2014.com
www.tuntscorp.com
account.twinbuild.com
www.ulectron.com
www.union-bauzentrum-hornbach.eu
www.unknownartifact.com
tools.versatile-flow.com
auth-agenda.vpsnotas.com
vzero.xyz
admin.wigo-wigo.it
ht7.williambayona.com
app.wumbox.com
www.xn0px90.com
rcs.ytel.com
uchuu.zacherl.dev
glowhdr.ziyucao.com
Other domains in certificate