Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=www.matchpointgaming.com
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
January 15, 2026
Valid Until
April 15, 2026
88 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
9B:CF:9C:7A:24:C2:49:34:50:12:87:F3:A5:2D:E2:AB:C1:7F:16:7F:34:8D:DA:7E:A2:4F:B3:FC:42:78:35:A6
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
fxbtc.ventures
azek-international-cert.3dcloud.io
dev-auth.andmeno.com
andreaalarconpropiedades.cl
flowstudio.ress.app.br
www.aroquega.com
ashishkhanna.xyz
intake.bofanzhang.uk
www.brokenpiano.org
www.brovchenko.dev
brunocanini.com
uat3-account.canstar.com.au
www.shahmatec.co.il
new.knitsandmore.co.in
akpargalvaniz.com.tr
contractr.net
craftazo.com
www.dartball.co
apps.digitalattitudes.com.au
www.digitaltco.co.uk
wedding.djtran.dev
url.dm.mt
dollar-biz.com
firebase.ikytek.dpdns.org
www.dragonport.se
connect.elsa.sg
ticket-master.eonideas.hr
eucaliptocitrodoro.com.br
www.fairviewokchamber.com
fawakeh.shop
fretbuddy.io
gzg-testing.fsv-aptor.com
g-auto-srl.it
www.globalbjt.com
g.dwindle.hexsw.com
chrisandmads.hitchd.com
aff.icard.com
india.org
inodex.online
console.iopeoples.com
irassessments.com
jw.watch
access.stge.keap.app
lastarec.fr
auth.lecfl.com
admin.litmusscan.com
magicruta.com
mariage-daniel-gaelle.fr
www.matchpointgaming.com
flutter.mefaiz.com
melba-pro.de
mi-japan.net
boardspective.ndprep.org
www.novejcorp.com
nulleffectstudio.com
palivvo.eu
dashboard.parkmybike.dev
passume.com
apps.piinkme.fr
cloud.plaato.io
pam.poem.global
presenciamanifiesta.org
profitech-serwis.pl
promeccontrols.com
horne-vi-dev.psg-labs.com
pttrn.io
pupcoach.io
www.reducos.com
reggischristianwedding.ca
app.risoc.com.br
rivassetinvestment.com
rodsrecoil.co.za
ronaldtclark.com
www.saferworks.insure
secmund.com
crkanela-admin.segurdiez.com
kanchipuram.selvitravels.in
partner.shopman.me
skolkovo-park.website
www.stprepublicanparty.com
stuckyi.studio
reaktion.synthesizer.tokyo
taxhead.de
dfc.thelexusaddict.com
udayvmenon.dev
rma-motor.valk360.com
tracker.versades.com
vidatrilegaltche.com.br
library.voiceforpurpose.com
wedding.wamei.jp
www.wanjaslist.com
weblola.com
support.webshots.com
wfp-pbf.org
wizlab.one
www.yaashjain.com
www.youngamericamutual.com
z0.nu
portal.zapmoto.com
upload.zen-bucket.com
Other domains in certificate