Open
Cached
·
just now
78/100
SECURITY SCORE
Certificate Information
Subject
CN=productscience.co.uk
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
November 02, 2025
Valid Until
January 31, 2026
61 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
E1:EC:C7:2F:BD:9A:72:61:63:77:B5:3F:D0:08:96:22:F6:51:15:D6:D5:25:53:2B:7F:AB:63:93:2E:8F:E4:39
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Missing
Not configured
Content-Security-Policy
Weak
require-trusted-types-for; report-uri; object-src; +3 more
require-trusted-types-for 'script';report-uri /_/DurableDeepLinkUi/cspreport,script-src 'report-sample' 'nonce-SwbSWbyNwmXoQPM4WNM8aQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/DurableDeepLinkUi/cspreport;worker-src 'self'
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Present
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
Recommendations
- • Add Strict-Transport-Security header with max-age of at least 1 year
- • Significantly strengthen CSP directives
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
link-catalina.mycapella.id
www.3jtem.fr
login.agm.me.uk
agnesartele.lt
aikidowatanabedojo.it
admin.ankimate.com
checkin.auditionmagic.com
aussiecrm.com.au
bantech5050.com
account.baxpay.com
cgh.beaver.codes
avironbayonnais.deeplinks.bfansports.com
admin.bizmate2u.com
comments.blurt.blog
www.btrut.com.au
www.californiawaves.studio
chatpay.com.br
app.chepeparrilla.com
www.cngc-kh.com
try.thegoal.co.kr
demo.sophialab.codeforge.com.mx
www.codygo.com
www.staging.itdux.com.bo
www.pacificocean-crewing.com.ua
www.datelog.site
dehandigemannen.com
a.diri.dk
www.djucasolar.com
inventory.donutsanddickjokes.com
www.dpyra.com
prime-v18-doc-1205.droggol.com
portal.eatch.me
auth.edugram.io
beta.audit.elight.com
fieldreport.org
fionapumps.com
www.forget.finance
promotor.foxgraos.com.br
gestion-ambiental.live
finance.gestu.dev
getoy.org
glowfishlabs.com
credenciales.mpftucuman.gob.ar
groovydudesnft.com
www.gujaratpolysol.com
staging-hq.harlemnext.com
hauteislands.com
hitboiii.com
bestellen.hivdam-restaurant.de
auth.hoynk.space
www.imenyu.co.za
ssih-sormland.infosynk.se
access.csc-intelligence.ingka.com
ingressotrfx.com
www.inkedbyjules.com
pmn-brc-monitor.itaueira.com
joycemartins.com.br
kff-kss.no
www.komed.app
kootiapps.com
krappesokken.nl
kunalmanocha.com
www.lftek.com.br
lukewhitt.com
moodboard.mac.archi
catalogo.marmomac.it
consent.mistergreen.pt
nalatoken.com
marketingbundle.ninecombinations.com
www.nordilock.fi
npappdesign.com
mmparishad.org.in
dev.oryzativa.com
pixelover.io
fibrix-authentication.platoisp.com
productscience.co.uk
www.psychologylouisville.com
www.pusztahaz.hu
questerstudios.co.za
legacy.quinnscomputing.com
www.smartfixvoghera.it
dev.ndhp.softwarepartner.pl
www.soppypet.com
shapes.spurart.at
app.storyspot.se
web-auth.storytiling.com
stratwayfind.com
www.theculturemom.com
app.thisisibini.site
dynamic.tracis.io
ddlink.tradeitsocial.com
traintracking.co.uk
5ch.tvchan.jp
app.unionoficiales.org
www.waveconnect.ca
admin.wewaexpress.online
wordmatic.com
worldofrockclimbing.com
xh.xtable.tv
www.zygouslabs.com
Other domains in certificate