Open
Cached
·
just now
88/100
SECURITY SCORE
Certificate Information
Subject
CN=hearst.co.uk
Issuer
C=BE, O=GlobalSign nv-sa, CN=GlobalSign Atlas R3 DV TLS CA 2025 Q4
Valid From
January 02, 2026
Valid Until
February 03, 2027
382 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
C4:DD:53:4B:68:5A:44:8F:E5:35:84:34:32:D7:0C:42:A1:6D:D9:AE:86:97:FC:D3:19:AE:F7:77:DB:09:50:6E
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Good
max-age=31557600; includeSubDomains
Content-Security-Policy
Basic
upgrade-insecure-requests; default-src; script-src; +9 more
upgrade-insecure-requests; default-src https: data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; frame-ancestors 'none';
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Good
nosniff
Referrer-Policy
Good
no-referrer-when-downgrade
Permissions-Policy
Missing
Not configured
Recommendations
- • Consider adding 'preload' to HSTS for maximum security
- • Improve CSP by adding more specific directives and removing 'unsafe-inline'
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
138 domains
elleuk.com
*.elleuk.com
bazaarartweek.co.uk
*.bazaarartweek.co.uk
bazaaratwork.co.uk
*.bazaaratwork.co.uk
bazaarsummit.co.uk
*.bazaarsummit.co.uk
caranddriver.es
*.caranddriver.es
*.cdnds.net
cosmopolitanmag.com.tr
*.cosmopolitanmag.com.tr
esquire.com.tr
*.esquire.com.tr
harpersbazaar.com.tr
*.harpersbazaar.com.tr
housebeautiful.com.tr
*.housebeautiful.com.tr
*.cosmopolitan.co.uk
cosmopolitan.com.au
*.cosmopolitan.com.au
cosmopolitan.it
*.cosmopolitan.it
cosmopolitan.lk
*.cosmopolitan.lk
countryliving.co.uk
*.countryliving.co.uk
countrylivingholidays.com
*.countrylivingholidays.com
countrylivingshop.co.uk
*.countrylivingshop.co.uk
crecerfeliz.es
*.crecerfeliz.es
delish.co.uk
*.delish.co.uk
diezminutos.es
*.diezminutos.es
digitalspy.co.uk
*.digitalspy.co.uk
digitalspy.com
*.digitalspy.com
elle.co.jp
*.elle.co.jp
blogs.elle.es
*.blogs.elle.es
elle.it
*.elle.it
ellebeautyawards.it
*.ellebeautyawards.it
elledecor.it
*.elledecor.it
elledecoration.co.uk
*.elledecoration.co.uk
esquire.co.uk
*.esquire.co.uk
financiallyfabulous.co.uk
*.financiallyfabulous.co.uk
fotogramas.es
*.fotogramas.es
gioia.it
*.gioia.it
goodhousekeeping.co.uk
*.goodhousekeeping.co.uk
goodhousekeepingholidays.com
*.goodhousekeepingholidays.com
handbag.com
*.handbag.com
harpersbazaar.co.uk
*.harpersbazaar.co.uk
harpersbazaar.jp
*.harpersbazaar.jp
*.hdigital.net
*.princess.hdigital.net
hearst.co.uk
*.hearst.co.uk
hearst.es
*.hearst.es
hearst.it
*.hearst.it
hearstcontentagency.co.uk
*.hearstcontentagency.co.uk
hearstcontentagency.com
*.hearstcontentagency.com
*.hearstgames.com
*.hearstgames.net
hearstglobal.com
hearstglobalsolutions.com
*.hearstglobalsolutions.com
hearstmagazine.co.uk
*.hearstmagazine.co.uk
hearstmagazinesdirect.co.uk
*.hearstmagazinesdirect.co.uk
housebeautiful.co.uk
*.housebeautiful.co.uk
insidesoap.co.uk
jan-magazine.nl
*.jan-magazine.nl
marieclaire.it
*.marieclaire.it
menshealth.co.uk
*.menshealth.co.uk
menshealth.es
*.menshealth.es
micasarevista.com
*.micasarevista.com
netdoctor.co.uk
*.netdoctor.co.uk
prima.co.uk
*.prima.co.uk
primaholidays.co.uk
*.primaholidays.co.uk
princessjourney.co.uk
*.princessjourney.co.uk
quemedices.es
*.quemedices.es
quest.nl
*.quest.nl
quotenet.nl
*.quotenet.nl
redescapes.com
*.redescapes.com
redonline.co.uk
*.redonline.co.uk
runnersweb.nl
*.runnersweb.nl
runnersworld.co.uk
*.runnersworld.co.uk
salonqp.com
*.salonqp.com
townandcountrymag.co.uk
*.townandcountrymag.co.uk
womenshealth.es
*.womenshealth.es
womenshealthlive.co.uk
*.womenshealthlive.co.uk
womenshealthmag.co.uk
*.womenshealthmag.co.uk
Other domains in certificate