Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=www.dramebrahim.co.za
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
October 29, 2025
Valid Until
January 27, 2026
52 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
36:3D:F4:5B:50:F8:67:F1:7C:5A:98:07:BA:68:54:5E:F7:57:8D:18:25:AF:83:80:6E:8F:4B:C6:16:F3:FD:9A
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
devis-dev.flitter.fr
is.5sft.com
dev.web.aglive.com
meet.amicaldo.de
dev.link.amigos.community
staging.gamecredits.ampverse.com
antiochiandirectory.org
phenov2.anuvabio.io
aplicabeloz.com.mx
www.apploge.com
www.appzavr.com
barneyreecetgm.co.uk
bisabel.me
bistro73.tn
www.brianritchie.me
www.ceto.ca
clout.dk
cntrc.de
mmk9.businesspackage.co.kr
games.cocoroid.live
roadmap.codelink.io
stage-admin.alfred.com.mt
www.flec.com.na
www.heming.com.tw
craftcoders.app
dharmakatha.org
www.dramebrahim.co.za
orbitcarerdev.edumate.com.au
emmaly.ai
endoscrining.uz
eurociclo.com.br
www.fattypattyrestaurants.com
fintech.do
www.folkfriend.app
app.getelessar.com
globalenterprises.solutions
www.hanzelka.io
wordpuzzle.hdegames.com
khanhbui.id.vn
dev.memberships.infusioncenter.org
dependencies.jopit.com.ar
dev.kedarnathblog.com
apphost.keyin.pro
kytkeva.fi
www.maarianhaminanlentoasema.fi
michaeldiep.co.uk
microfunda.com
interestcalculator.mokimokiteam.com
moneytime.page
www.mtm-putki.fi
myndjournal.io
newgradnomad.com
oddsocksphotography.co.uk
p5aholic.me
deviceinsights.prod.panorama.paloaltonetworks.com
link.pety.vn
pos.plankton.mobi
goodwillsv.portal.plenadata.com
invite.pocketstyler.com
eatpresto.prestoexpress.co.uk
admin.pubq.se
qafy.xyz
quietalk.com
reha-buggy.eu
sbsmng.removis.jp
www.riteshshukla.dev
uat-api.roxabo.com
servicelinc.online
shinmeiko.com
www.sk-autoglass.com
www.skillnite.com
www.sohow.sg
www.soljicin.cz
www.sqweasl.com
sreenachimarchits.in
ironbuilding.studiossolution.com
summit.tattoospot.app
www.tekbravo.com
www.thefold.no
gateway.thekusp.co.uk
admin.themediaant.com
thepositiveinternet.com
www.thesimpleengineers.com
tidyhouse.com.mx
www.tohoku-yasou.com
www.trevia.app
growupstudio.turnosweb.app
twentyfoursevenapp.com
app-sandbox.untied.io
vastavya.com
venvic.com
www.vidarz.com
desing.webgae.com
links.sbus.telema-stg.whitecloud.jp
test.work.life
www.xarlat.com
xooniverse.com
api.xscript.dev
yesmkt.com
monster.znet.app
Other domains in certificate