Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=tournify.prosoccerdata.com
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
January 19, 2026
Valid Until
April 19, 2026
77 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
EC:B0:55:68:31:25:8F:CD:62:79:CE:B6:99:40:3E:8F:65:C4:86:01:96:28:AC:C2:67:34:26:10:91:89:A0:13
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
divo.fishtank.cloud
www.1moreword.com
cfunc.agilearn.app
cheatsforhiguessthebrand.apptget.com
baumgertelstrategies.com
dashboard-dev.bennybutton.com
fomo.brainrotapp.com
casadepeles.com
cinemamakeupdubai.com
www.codedix.com
cms.simi.com.vn
app.concervap.com.br
spf-staging.connectblue.com.br
courti.org
www.crash.bet
cruisetech.xyz
dapalab.dev
diegohaubricht.com.br
dispatchy.io
multi.eraman.app
crm.estoquenow.com.br
myfarm.farmnet.vn
www.fi-erme.com
flighttrail.app
frankenbottle.com
www.futfb.com
www.giacomoportfolio.app
ios.goget.my
links.guideinvestimentos.com.br
gumthemes.dev
www.himalayansportsclub.com
www.howlin.ie
hueclue.app
parceiros.ibcea.com.br
nnotj.id.vn
igngoodflooring.com
j-pop-jam.com
naturaladventure-sdk.joinsherpa.io
web.jointangent.com
www.la-cite-applico.com
www.legatolab.am
pacientes.leslypena.com
link.lifeclockapp.com
losergain.com
madcongelados.com.br
www.marktheunissen.com
mayr.fyi
admin-pay.mev.com
www.muenchhausen.dev
invoice-dev.muessig.app
cl-print.mysodexo.app
app.mytwido.com
nflperry.com
nikkothe.dev
admin.nissanbolsa.com.br
numerosplacar.com.br
www.officinefanuli.com
services.paynowafrica.com
qa.phlotilla.com
pikefishingfinland.com
www.pikseltest.com
pixalya.com
princetondinky.com
promca.com
tournify.prosoccerdata.com
rakshapariksha.com
readyforqueensball.com
rockpaperscissors.app
app.rodio.dev
mobile.runbuggy.com
safemode.app
mobileapps.setmore.com
sindicato.app
stage.merchant.sliceq.com
portal.smoxy.app
sosol.com.br
sunday-picks.com
imd.sylva.ac
syncglob.com
app.taalboost.nl
www.control.taxivery.com.mx
www.tctcleaningservices.com
www.techfinna.com
trackmyallergy.com
tshepzmogapi.com
univvoyages.com
app.uwin.mu
staff.vacenti.com.au
visualvue.app
voxtome.app
consumer.wareclouds.app
lp.webmetaverse.jp
app.wedday.co
westernroofco.com
console.whyleavetown.com
betaokrs.witsmate.com
writer-app.com
fancykeyboard.xmmobilelab.com
www.yio.one
zadaf.com
Other domains in certificate