Open
Cached
·
just now
80/100
SECURITY SCORE
Certificate Information
Subject
CN=3ok.in
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
October 07, 2025
Valid Until
January 05, 2026
39 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
89:3C:C9:1F:A4:B2:6F:87:4C:60:C7:3F:DB:0F:BF:54:AF:4F:E4:4A:A9:73:B5:68:AC:25:73:86:FD:49:7B:5F
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Missing
Not configured
Content-Security-Policy
Basic
script-src; object-src; base-uri; +3 more
script-src 'report-sample' 'nonce-GofOr3pOJoqTMAcyfnq6zg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/DurableDeepLinkUi/cspreport;worker-src 'self',require-trusted-types-for 'script';report-uri /_/DurableDeepLinkUi/cspreport
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Present
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
Recommendations
- • Add Strict-Transport-Security header with max-age of at least 1 year
- • Improve CSP by adding more specific directives and removing 'unsafe-inline'
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
links.okayinside.com
11521054.peerly.app
3ok.in
airportshopping.fi
anze.dev
www.arnaud-desportes.com
viniciusalmeida.arq.br
aytdm.com
bobbieross.co.uk
qatar.bolao.futbol
bridj.in
lentesmania.clau.io
www.neetiphysiotherapy.co.in
ventepaca.com.gt
comercial7.com
www.comercial7.com
www.app.cusaonline.ca
dazun.online
djlechuck.fr
staging.doccly.app
doctran.us
educangola.space
www.eebee.com.au
morrison.equix.app
setup.faisalazhar.xyz
auth.fanatics.cr
admin.forgetreg.com.au
gamedevgalaxy.in
pro.gaston-services.com
godainfotech.com
gznmusic.de
hfupdate.ca
hikingtracker.com
sample.s.hotekan.com
hqbinauralmeditation.com
www.hym-app.com
ideallight.com.br
indihome-surabaya.com
tecsaude.simulador.izii.io
www.jamesgolding.dev
javito.me
webrocket.junsoft.com.br
link.k2meta.kr
kellydiabagate.com
www.kreatelist.com
lamahattagrove.com
me.larcom.dev
lehongthai.vip
1v1me.leonaltstadt.com
lewandlin.com
lookatthisgraph.com
www.malayicha-zonke.com
www.marqeteo.com
mikenicholson.com
mdistribution.mprocesses.com
beta.mylibrary.world
auth.mysz.io
napitap.hu
pic-tipwin.mentor.neccton.com
www.nissanbolsa.com.br
grand.nt-me.link
nuegen.com
nulanes.com
chircop.onceaccounting.com
onel.in
reservas.parqueaustral.cl
test-platform.perrelet.com
pixelixe.com
app.prepsheets.com
islandpokelarochelle.order.pulp.eu
qr-serv.fr
www.raulmoya.es
readnest.in
auth.revenuebnb.com
www.samplia.com
shinystarcare.com
shoppingparts.com.br
simplecoaching.de
www.sistersmiley.com
stage.sonat.com
resume.soumalya.in
spotifyviz.com
links.squirrel-vpn.com
studiomeliina.fi
superred.com.ar
sushite.se
techforage.tech
www.terratwin.com
tirthb.com
tobe.zone
trimcutz.com
ebs.ttvtools.com
static.typebot.io
spacetraders.urth.dev
console-staging.viewie.com
invite-dev.walkmining.com
www.weeklyflick.com
ooch.wiselysoftware.com
students.zunavish.com
www.zuvotalk.com
Other domains in certificate