Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=www.scorehammer.co.uk
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
September 25, 2025
Valid Until
December 24, 2025
38 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
58:EB:93:8F:1E:B9:5E:F8:5F:F1:84:CC:42:8D:FC:FD:67:37:EA:6C:2B:2F:15:09:3E:E3:3C:43:F9:02:44:B0
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
security.gates.services
100blackinterns.com
www.africa-foods.com
www.ajojose.com
www.altay.contact
www.amouraconsol.com.au
annaangeliqueporte.fr
appguide.aparoo.my
ask2ai.app
atacadodebolsas.com.br
my.atcha.app
bileier.app
bluerimba.com
diarioonline.boosterbyte.com.br
www.buildexcellence.co.za
wpbl.cao.app
www.capricorncapstone.com
configurator.cellro.com
curso-cannabis.centrofluminense.com.br
trainer.cirqit.app
cloudscaff.com
saffon.co.kr
www.cogler.app
www.connormcintyre.co.uk
gdp.cradle.work
widget.detellerloopt.nl
www.detoor.in
www.devinowen.com
www.dgrexcavating.com
dev.digimaxoto.com
qr2.dihola.uy
e-periwinkle.app
nava.eco.br
effie-guenther.com
www.eholde.com
review.enkeldigital.com
therapy.ensodata.com
ocpp.estations.vn
www.fasady-terasy.cz
auth.dev.fastforge.ai
app.feemagie.com
dev.flagseeker.com
app.flockshopping.com
lift.fndrsng.com
career.forbesjapan.com
reports.freedomfromdiabetes.org
fx-labo.app
geeteeholdings.com
app.getskylar.com
greenerhealthierhappier.com
api.haldiskin.com
party.inova.si
dandinh.io.vn
www.jankoch99.ch
www.japjappanama.com
jeshani.dev
read.joylocker.it
dalok.kecskemetibaptista.hu
app.mahalawifi.co.za
mattlorne.com
www.michaeluniversity.org
missional.com.br
www.mono-sos.com
muditkapur.com
www.multiplybing.com
dashboard.mytelescope.io
mywater.agency
naboo.capital
link-cfam.nibo.com.br
links.notestech.co.za
www.nvushkov.com
pwc.nxtinteractive.com
paikariwala.com
www.pepami.com
www.pixs.app
praktijk79.be
mipromo.puntoscencosud.co
cookpilot.qint.de
quicksplitapp.com
rancho-moreno.com
admintest.runningchampions.com
messaging.samespace.com
www.scorehammer.co.uk
smallmiraclesaz.com
sodastreetfood.com
www.sandbox.soundcommerce.io
strabar.com
superant.kr
www.swiftaccountants.com.au
testinvite.com
thequad.in
www.tymphillips.com
kg-course.vdelic.dev
www.vinitalyplus.com
virgilmedical.com
williamperacchio.com
admin.winhangarra.com.au
www.wordconvert.net
menu.yellowstonepark.com.br
yuyoapp.com
Other domains in certificate