Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=www.softcode.com
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
October 08, 2025
Valid Until
January 06, 2026
46 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
7E:90:11:04:55:E1:84:AD:CD:A2:42:F1:B7:90:DE:C8:36:3A:30:67:0C:72:57:3A:E5:62:72:EC:1E:BA:D7:6D
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
dare2.digital
invite.3dmeet.com
links.afrosaude.com.br
passrator.alexneto.dev
www.aravindpackersandmovers.in
bdgtapp.com
www.block32.com
www.broadwaylive.net
locaite.dev.caite.io
pro.calizy.com
www.cancees.com
www.capsol.us
cbse.news
oracle.charmingdisaster.com
chinnawat-ice.com
www.classical.io
portal.cleantruckcheckauthority.com
m.click4card.com
www.foht.co.ke
vecloud-staging.vechnology.com.my
dev.5th.cpn-othellonia.com
www.danieltruth.com
www.dcnw.de
www.dictcp.men
activity-menu.dimitrimitropoulos.com
eds-air-technology.nl
beta.egyptpostzedny.com
cicikaisa.elmizan.com
signup.empoweramsterdam.com
ericdorsey.com
demo.firecms.co
www.firedrag.com
foodist.studio
app.fredocloud.com
friends-card.co
www.futurwud.in
gameoftrails.com
game.gdsc.app
pronto.godo.is
www.gofiber.com
grouple.app
gurbuztekstil.com
hishig-toli.com
creative-demo2.hisy.in
notes.hjort.app
staging.app.hoofbid.com
staging.inboxpro.io
omikuji.ishitohoshi.com
j-m-m.ch
buns.jayther.com
www.jtcheck.org
justwanderly.com
www.jwhiterabbit.com
kevaa.in
klempner-soforthilfe.de
assist.kodex-ai.com
krayemco.com
go.lstoday.net
luckydaybet999.com
www.meteorman.dev
backlog.mobilesys.com.br
www.mrc-assurances.fr
www.musicianship.app
www.mysitch.app
nanimonodemonai.com
avokadio.neoufitness.com
asset-manager.360pass-qa.nextome.dev
omsbevrage.com
app.onremac.com
cp5743635207290880.order.place
www.paradiseballrooms.com
pixraider.com
login.pramukhmoneytransfer.in
marmotas.queliga.com
pautas.radiolavozdelaselva.org
ray-li.net
summit2025.reversim.com
ririkoito.com
www.senthurbalajicrackers.com
sgomberoalloggitorino.it
paintpong.skorepova.info
www.sky-hoop.com
res.smtagent.com
www.softcode.com
sqre.io
app-dev.stash-app.com
baby.thearnab.com
www.thecruxfirm.com
www.toofareastbarber.com
www.topmetricgroup.com
images.tourdepiste.com
vanuatuearthquake2024.info
venturiengineering.in
venusegitim.com
data.verdin.pl
www.villanovacamps.com
www.vrmmo.win
wimble.games
www.wott.in
admin.ybcannabis.com
Other domains in certificate