Open
Cached
·
2h ago
77/100
SECURITY SCORE
Detected Technologies
Certificate Information
Subject
CN=roofdeck.io
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
April 05, 2026
Valid Until
July 04, 2026
54 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
1D:C2:CA:D6:4D:70:15:3C:37:A1:86:51:3B:E8:93:3A:6D:64:2E:2B:4B:16:1A:02:0A:26:9A:76:65:8D:D8:EE
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
firekit.space
www.9ok.in
partner.abctalkies.in
www.adfocussolutions.com
go.kesherr.aimpact.ai
newsletter.ann-zdrowie.pl
app.archpark.org
politica.azume.com.br
birthdayparent.com
unileverhpc.bluearas.cloud
booleanstate.com
challengerexpress.bouygues.com
cam-resp.com
self-hosted.costflow.io
crafty.film
www.cubesplash.com
auth.cuponatic.com.mx
cygma.ch
staging-legal.d-cipher.io
dassoft.org
symfony.dev-master.ninja
diforb.net
docode.se
elysonconsultingservices.com
energieberater-cm.de
questr.eroglu.dev
www.eule-elli.de
evolvemobilityafrica.com
media.f-marketing.jp
www.fabbler.ai
fastdealcar.com
admin.stg.fhsis.org
app-dev.freshcatchapp.com
fuelongo.co.uk
ct-staging.gestion-traiteur.shop
www.greggsdeli.com
www.healthtravelsecure.com
highwaydroptaxi.co.in
kmeans.idsucla.org
toptier.incentivemeetingservices.com
includemeafrica.org
yulian-masha.invito.link
us.iolite.software
ivanbotty.cloud
jwitt.me
kawaiikiwi.online
www.koaed.com
liquidskylines.org
fireb.minortom.net
mollychacon.com
auth-dev.multimate.io
www.nioequipment.in
shading.nkportfolio.com
novacodellc.io
obakemask.net
onionshack.com
openstage.amsterdam
app.ordo.is
www.prayerwall.church
camera.prettybigmonster.com
www.primeplexpictures.in
www.primosti.com.br
www.purfumeanee.com
restaurantesrustic.com
www.robotega.com
admin.rocola.es
roofdeck.io
www.rventerprises.net.in
sagaworkshop.net
www.sapientconsultant.com
sicine.mx
signer.is
soundslides.org
buy.speak-digital.com.au
www.steppingstonescommunitysupport.com
superpajo.hr
www.survaivor.nl
customerdev.swiftlaundry.mx
safe.test.tada.dev
www.tagfund.org
www.teacherpacheco.com
apps.techmanzain.com
toyotsukisoft.com
www.trouter.me
links.beta.tryperch.com
beta.turingxun.cn
salud-autenticostigres.uanl.mx
camp.umiremix.com
star-demo.untied.io
unitedsup.utaiseya.com
admin.uzaje.fr
valleyai.io
www.vellalarmanavizha.com
text.voip.io
enigma.webspired.de
whisperinglegends.com
connect.wisetek.net
xtyz.de
www.yogagoof.com
zlink.in
Other domains in certificate