Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=test.scoreholio.com
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
October 07, 2025
Valid Until
January 05, 2026
54 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
03:13:C9:E8:CE:61:30:D7:24:93:7E:03:D2:25:65:9F:9D:EE:91:2E:D3:EB:79:42:4F:DE:F1:CE:8C:5A:D3:D3
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
tehjinxi.com
5-wires.com
link.preprod.abrahome.com
adacara.co
advamissions.com
www.agoravision.com
aliyilmaz.org
anutricionistas.com
auth.artconnect.com
artship.co.uk
cory.benbraham.com
reconcraft-hud.bitcrew.com
blakewade.com
bloki.ai
pay.bloombawarchi.com
bryceterhaar.com
www.burguerecia.com.br
capsule-ec.com
app-jump-ccn.carecloud.io
zdf.cateringportal.io
chase-catch-me-if-you-can.com
chrometz.me
clubeconorte.com.ar
www.corky.app
www.digitalmixtape.com
downfour.fun
nexmo.dwane.io
support.elevenlabs.io
animel.f-arts.work
app.flocargo.com
takeoff.fundacionaltum.org
gamio.app
app.geiico.com.co
www.guidesly.com
pedro.hjort.app
howmanydonations.com
zerorecs.ichaelm.com
app.importcenter.net
www.innrsys.com
admin.inosto.com
collection.itemm6usa.com
kelstrother.dev
www.kraijenoord.com
kuwaitinside.news
lif.livinglifeinfull.com
duom.londonhydro.com
lukasbaksi.com
preferences.staging.mailclerk.app
logos.mattlongpre.com
auth.maucaro.com
mdvs.mn
middlecar.com
www.milanedigital.com
mintaval.com
www.msboone.com
www.msmsm.work
www.mypoolhut.com
www.nandibell.com
nextgatecapital.com
j.nflo.at
nicolefalciani.com
octonote.com
serviceavtale.omnicar.io
portal.onefinance.com.br
onlinegamesinfo.com
app.onpurpose.dev
paweljonik.net
demo-dashboard.tutor.peardeck.com
staging.peltii.com
www.pickcarmobility.com
about.pickwings.ch
admin.pixisinsights.com
www.queryitapp.com
console.ed.ramdhayal.com
quiz.app.rekhansh.com
numa.rezidnet.com
auth.portal.riggsdavie.com
rizzi-law.com
sandalled-stephen.com
test.scoreholio.com
swansea.scouthub.app
securethebag.io
www.sedfed.com
shuwaikh.net
www.siddhivinayakconsultancy.org
crystalopps.skybounddev.com
spicaengine.com
sunphysiotherapyclinic.com
bodamayorgacornejo.swanmoments.com
cmis.tejsoft.com
themedia.is
thetrilinguez.com
www.thozhacalldriver.com
www.timraybould.net
tryhelios.app
vlucendo.com
www.wahclick.com
test.wellify.ai
www.whyknotnick.com
bluereserve.xlnk.dev
Other domains in certificate