Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=image-game-prototype.joedalton.io
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
December 23, 2025
Valid Until
March 23, 2026
57 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
6C:D8:41:70:6F:44:A1:AF:D5:5F:D6:B5:2A:68:DE:E5:52:FF:F8:3C:91:E2:F4:ED:37:71:2B:DB:5D:6A:49:80
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
simberg.is
staging.app.cupcake.29k.org
console.abechanta.net
test.aiagencymarketing.co
platform.aim8.ai
dev-ilovejoara.ajoara.com
amedesky.com
appstract.biz
arcbridgegroup.com
astroenergy.guru
baazarnow.com
tdc.bailao.dev
bankhonggioi.top
app.betterwise.com
www.biometrical.io
brandonfonseca.com
www.bytekore.com
c2advance.com
www.camerabreaker.in
mobile.cartoonblox.com
portal.chadwick-family.net
www.cloudlift.ch
kiosk.cleanbox.co.il
app.viver.co.kr
manage-stg.vonder.co.th
www.codebase.org
ocd-doc.codecapsule.cc
www.codelingua.com
course-compass.se
cricketottawa.com
www.discaste.com
doahuddle.com
dreambigwithai.com
www.droptaxiservices.com
www.easysubs.it
secondhand-trends.ebth.com
eonmakes.com
policies.estebanl.com
filip-pancic.com
fred-marmore.com.br
fud.coach
funfitr-studio.com
www.geniedevs.com
www.groupenilo.com
www.guide2.app
www.gymtimer.it
www.hamshahri.de
hstest.co.za
dev.hurreytech.com
alphashybrid.impactwrap.com
inconvenzione.com
dev.reports.infusioncenter.org
intoseychelles.com
www.itamericano.com
app.jeen.care
image-game-prototype.joedalton.io
joinaffy.com
journey-note.com
tings.jstty.com
app.keytocheck.com
articles.libertytips4.com
loveandsalvation.church
mandawin.co
dev.marketizador.com.br
metrics.mayamd.ai
app.meindicae.com
www.michaellemke.info
www.mikerosellini.com
mobilintelect.com
mycupoverflows.life
mydividendmeter.com
www.nixchallenge.nl
nooralmithaqllc.com
www.nullify.uno
admin.omega.best
seats.opentix.life
dev.reseau-environnement.orphic.ca
www.pcalc.net
hpkitchen.peblla.app
bc.pep-rg.jp
playbingo-online.net
www.prodsandbox.com
raghavshubham.in
re-ality.co.uk
recommendai.online
derify.riso.dev
social.robertolegorreta.com
rogerjstewart.ai
salesresearchlabs.com
app.seavee.net
www.app.skinidesigner.ch
www.stevefrancisfoundation.com
coimbatore.supercabs.in
pondicherry.supercabs.in
chaircafeotemenu.triggersplus.com
vatlieuhome.net
wegetbread.xyz
wowdevelop.ru
yapps.co
anniversary.yotive.dev
Other domains in certificate