Open
Cached
·
just now
77/100
SECURITY SCORE
Detected Technologies
Certificate Information
Subject
CN=sokoban.imperfectweather.com
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
May 03, 2026
Valid Until
August 01, 2026
86 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
2F:A8:C2:C5:47:AA:64:9F:01:1E:41:D7:17:7D:F5:A1:E1:8B:63:B6:89:EE:C8:CA:96:0E:B5:34:A7:0B:62:DE
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
codump.com
4expand.com
a365.io
advokatvlk.cz
www.advokatvlk.cz
www.aethercreate.app
www.alldone.app
www.anovexpharmaceuticals.com
www.apecraft.pt
arammu.com
arreglos-ya.com
aseura.cl
assignmenthelpersingapore.com
www.docs.automize.dev
www.balajicon.in
bcnn.io
bearingsolve.com
raasmi.bineet.dev
password.cartoriodonini.com.br
chamuyeros.com
codefusioncore.com
hr.dangson.vn
www.dasun.io
guia.despachar.com.co
detallitospersonalizados.com
dijitalkopru.co
dptrong17051.id.vn
dralisherazi.com
drfixy.ai
eatsense.app
dev-vim1.emdr-connect.app
evnto.it
www.freemanautostore.com
rmac.gared.fr
genesis-mtg.org
getexpert.ca
grupofuturo.net
hosopcgd.hcm.edu.vn
link.iatros.app
sokoban.imperfectweather.com
instinctiv.uk
www.institutobiblicoterapeutico.com
dev.jasskoenig.ch
job24by7.in
www.johsconference.net
neptune-dev.kcz.me
kimoun.io
kviz.cc
azelis.lernit.app
link.loogia.tech
maemo-llc.co.jp
menuhub.app
mikrozajm.su
school.muud.app
beta.naluhub.com
nazirovy.ru
ncswarm.com
ndaku-mopaya.online
neumahorro.cl
www.neumahorro.cl
try.nusu.app
www.app.paceboard.ch
www.paraled.com.br
playerscout.ai
primesteeleth.com
www.psicologamarinaviegas.com.br
ratingspe.com
login.reservai.ai
www.roomz4sure.co.za
www.saicabservice.in
www.sandrheating.com
schickebert.de
www.shanligong.rest
shopbanhangcanhan.id.vn
www.smyth.app
www.snapropertycleaners.com
soron.ai
spendfix.app
sportyfy.in
starforcearchive.com
docs.storyhunt.dk
register.superjiew.app
short.sw.com.mx
sweettree.co.in
ui.takasqr.dev
www.tec-craft.com
terceseht.com
tideitb.com
tizarabooks.xyz
www.totsystudio.com
trackteam.app
staging-fairsfestivals.trueomni.com
trustkavach.ai
womensfitness.turnosweb.app
tutorlynow.eu
www.waleedgad.com
whtgroupslink.com
wilcah.org
worldunited.gg
yodellabs.app
Other domains in certificate