Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=schoolon.childcareon.com
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
October 25, 2025
Valid Until
January 23, 2026
76 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
FA:21:D6:8B:D1:24:B8:DC:A5:C2:6F:A3:5C:47:8F:F1:99:24:FF:DB:BB:0B:28:BA:75:A4:A8:5B:E7:F1:F4:33
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
x200labs.com
adamjafer.com
afootinthedoor.work
aitkn.com
aldoc.io
alexhusseini.com
alldayta.com
alumidraw.com
www.anvate.com
apprendre-l-heure.fr
artsphotocopy.com
enter.astrolis.com
asuiprime.com
baccsodgh.com
www.basecontrol.dev
sql.bigmachine.io
web.authorize.blackprint.dev
blockandpaversupply.com
web.brainapp.xyz
breastfeedingoklahoma.com
app.brinquedotec.com
www.cardstar.me
ce5romania.com
schoolon.childcareon.com
veronapedidos.clau.io
staging.clementineapp.com
sbc.cloudmacaca.com
smartfarming.co.in
credencialdigitalcaravaca.com
totalcripto.criptan.es
www.ctcad.org
davidhaven.me
ddigest.cc
demenz-betreuungszeit.de
devour.recipes
dinganalytics.com
doctorgordin.com
droptaxiservices.com
www.dtrmotor.es
qrcode.imed.edu.br
dash.elio.ca
www.ericwstout.com
stg-ops.estumomentu.com
app.eventovirtual.co
everyonesclickandcollect.com
www.feedboxx.io
filmable.cc
toimittajarekisteri.fira.fi
firein15.com
frostmoon.in
fuzyongames.com
dev.gasaviation.com
www.glassbocianwroclaw.pl
cards.grupodime.com.mx
i550.com
app.imageforpost.com
www.imaginejunkanoo.com
aebi.immodigi.app
indecisopadova.it
pranapp.jucaran.ar
kananthoor.com
katrinfillies.com
skupinove-lekce-anglictiny.lectorio.cz
www.ledu.mx
transferencias.lulobank.com
macasrenata.dev
hauler.madewithrelish.ca
timing.manxgrandprix.co.uk
mashkani.com
mecamindustria.com
app.minorganisation.se
mk-fairmeister.de
ml-test.shop
onlinetherapies.com
predenti.com
qr-map.com
www.racional.cl
auth.razacomm.com
embed.respire.institute
riccardobovo.com
www.rwandaelectronics.com
www.sarithamakeover.com
seyed-mehdi-ayyoubzadeh.xyz
iski.skmdsports.com
solar92374.com
www.ta2dlz.me
thaveedu.dev
hub.thegoodgoalapp.com
pharma.thepeerclub.com
my.therainbow.dev
tuckeryazdani.com
uselemon.dev
www.vergba-app.no
visayasproperties.com
live.vuclip.com
wcwportal.com.au
omnislice.wellsterhealth.com
app.wurla.io
edo-1438856.ndljp.xrikk.xyz
youchangeearth.org
Other domains in certificate