Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=newfrontier.dreamwave.tech
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
October 25, 2025
Valid Until
January 23, 2026
62 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
52:A5:6E:17:13:55:64:86:FC:3F:1A:2E:BF:A2:FD:57:A5:FB:8B:94:DE:CF:7F:7A:6F:AF:4B:B9:8C:64:AC:B5
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
app.ibmasters.org
acczyoutsourcing.com
www.amyakademi.com
www.berkanyazici.av.tr
ece.bejar.ca
bevik.me
bhrseguros.com.br
www.binkysbackgrounds.com
bookhousedelhi.com
payment-staging.brooky.io
cesarsantiago.me
channgo.com
codict.es
dev-app.codify.us
theisleofbliss.cognilements.com
www.collective.video
pruebas.cronapp.cl
link.cuci.id
konfigurator.dd-juwelier.de
deltyo.co
lizard.demaio.io
dfaspay.com
qa.diamondsistemas.com.br
djekatore.com
cn.domobile.com
newfrontier.dreamwave.tech
www.easy-back.com
www.economyx.ai
quantex.finclear.net
staging.firesol.dev
staging.genesis.game
hadiya.test.graphite.space
admin.growthhound.io
projectbaseline.gue-be.be
yomi100m.hamajima.co.jp
app.hartsuite.com
www.heritagefishingcharters.com
historiasdeartes.com.ar
hohlederlowen.com
homotopy.io
humanprogram.com
infidreams.com
intellectworksdigital.com
www.intermediumemp.com
itsnotyouindustries.com
www.jeevyoga.com
www.jorgetabernerfisioterapia.com
jotlynotes.com
korki-poznan.com
bingo-dev.letsdive.io
www.letsshopnepal.com
churchonline.lifeau.org
www.lineup.gg
linkmyride.co.uk
libo.littlebookmates.com
loveandnonsensebakery.com
parentuadmin.lubbockisd.org
beheer.mad-science.nl
marvellousdetectiveagency.com
www.marvellousdetectiveagency.com
mdavis.io
www.mentalengine.com
book.meratask.com
dev-auth.mirail.video
www.moeshadi.me
www.mooche.co
myungsoo.com
bird.nathantipton.me
mta-sts.newslab.no
obergtransport.com
www.oiltrails.ca
www.oriunda.com.br
orotepuy.com
web-staging.pefachurchgimu.org
penegui.com
piedmontnailbar.com
www.pinguinradio.com
www.planket.shop
isinbike.qfix.ai
rberkkaratas.com
reformoon.com
cow.rxcx.au
pilot.samenmeerdoenvoorminderafval.nl
www.solomonarnett.com
dl.sporfy.com
sgc.spreadgoodness.love
suffrageaberdeen.co.uk
teamblackbox.in
staging.app.thehopesurvey.com
tiagofalcao.com
today24.ch
showcase.treydev.xyz
webappt2.rr-lms.dev.unomok.com
var.hr
varuj.sk
www.view-awesome-table.com
www.voista.space
dlinks.zenyum.com
www.zerofy.net
zirabot.com
Other domains in certificate