Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=pianolessonsoxford.co.uk
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
November 04, 2025
Valid Until
February 03, 2026
87 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
EF:C2:26:AF:32:9E:08:F5:50:D1:43:F4:5E:77:A5:65:A7:7B:C2:D0:B7:CB:CF:98:C9:6B:E4:09:14:37:E8:C2
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
www.wooly-mammoth.michaelandersondev.au
airmontenegro.me
www.alberione.net
link.apsa.com.br
armindosilva.cv
arwo.xyz
ytp.aspevo.com
app.atspeedshipping.com
camarahoteleradechuquisaca.com
canelco.com
tenkasi.citydroptaxi.com
thanjavur.citydroptaxi.com
trichy.citydroptaxi.com
www.close.fund
finance.chat.codewell.ai
careercamp.codingninjas.in
coralup.eu
danielhess.me
darfit.cl
www.dayzkillfeed.gg
dekorando.it
dietdining.org
elevate.do
emergentaiconference.com
www.erex8eonemesis.com
ersimransingh.com
eyljapan.com
s.feminine-care.com
flutterninjas.dev
formol.io
www.gabrielesabatino.it
gestoapp.cloud
uv.congresoqroo.gob.mx
app.gourmetchefmanila.com
hear2eternity.ltd
www.hectorfalconportfolio.com
helfer-system.de
scratchpad.importth.is
itali.in.ua
infinitegroup.global
www.inja.ltd
jetsne.ws
k-planet.net
app.kaizenimobiliaria.com.br
app.kontaktlinsen-preisvergleich.de
www.krokis.es
backoffice.leadiasjunior.com
listingopportunities.com
link.lmnova.com
loinaz.com.br
loonyrocket.com
theenglish.m1studio.co
www.magenta.market
www.marllonbarizao.com
dev.mezo.io
www.mueninvest.com
multisend.org
panache.mustafatrkmn.com
catatan.localbos.my.id
www.neubo.io
nidhisoley.in
nyco3d.com
okyzo.ma
staging.paerpay.app
links.paven.io
www.peepz.me
www.pensioenbijvebego.nl
www.pflink.de
pianolessonsoxford.co.uk
pocketkoala.com
protectors-of-balance.games
two.provos.org
rbs.quitaboletos.com.br
realizon.ai
app2-lojadofiltro.refiltek.com.br
rotaract-suedsteiermark.at
rupick.app
www.rupick.app
www.safe-hands.it
sanfrancigy.com
www.seal.wtf
www.sellerlab.shop
dev-admin-portal.shopthrilling.com
simbaquartz.com
sportsman.gallery
customer.sprinpak.in
unityhsshuffle.sqwadhq.com
www.stefimiteva.com
strada.pics
dev.thefold.app
www.thepositcollective.pl
topfour.io
www.tsubakitech.com
admin-asisteseguro.uanl.mx
controle.wdsolucoes.com.br
weblauncher.ro
app.widar.io
admin.wistly.io
xr-portals.online
otodeger.yukselisikinciel.com
Other domains in certificate