Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=www.dreamcatcherds.com
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
January 11, 2026
Valid Until
April 11, 2026
89 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
91:95:40:48:67:9B:5D:D6:3E:62:C9:5E:CB:E3:0E:17:7D:EF:83:C5:30:34:A4:FF:E9:EB:EF:52:B5:95:CC:B3
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
esl.my
adobetraining.ie
www.aioper8.com
dev.aro.work
test.attach.digital
autohubal.online
auth.finanzas.bm2one.com
brandhound.dev
bullionbazaar.in
campusmate.in
admissions.centralcollegegh.com
clean24.app
polaris.cognitrio.com
www.coilinstrumentacion.com
constructionadminspecialists.com
corvonest.com
dadagreen.com
www.devofbeirut.com
www.dreamcatcherds.com
landing.duovarsity.com
elementuak.com
eqafterhours.com
resbooker.essentialx.us
websitetracker.essentialx.us
eurodiagnosticashpk.com
gearshiftsupply.us
www.gearshiftsupply.us
getbideo.com
www.getbideo.com
gracepluss.com
chat.guivus.com
hadnu.org
hicksharbour.com
www.hojedolar.com.br
haquilata.id.vn
indiomarioremax.com
iap.technical.intrinsic.no
johnpatrickprieto.com
app.kendisc.com
koloro.app
www.lizthecellist.com
mal3kith.com
manuelcucca.it
mapiqapp.com
meatmubarak.com
marhababar.megapos.store
metiscompute.ai
links.misskey.dev
aiartistry-delete.mknour.com
www.moritzlaube.com
mygaragepass.com
enterprise.netlaw.com
nextbillionmaps.com
nikschulte.com
omkardropcab.com
www.omkardropcab.com
onefresco.com
www.onefresco.com
www.onlinekar.in
hv-dev.onscene.team
optimizemystr.com
osmanjimenez.com
ozzme.com
p-engel.com
paiediscount.com
pamolaventures.com
pangeavisiongroup.com
www.pangeavisiongroup.com
paufdez.com
petalsocks.in
www.pisoni.ai
api.pubdata.io
quacks.io
rabbitprototype.ing
recyclelytics.com
restoconcret.fr
www.reverenciamajestad.com
rikmabymiki.com
rovers.website
sachacks.io
sierrakanecreative.com
skul.no
smartpaiol.com.br
sparkpictures.com
spreadslikewildfires.com
wework.sqwadapp.co
support-365.com
app.taps.digital
taurinoimports.com
technicalorganizer.com
traditionleasing.com
stagingsviewer.tri3d.in
canteen.veddh.com
vendingchat.com.ar
www.visemdraltd.co.uk
viviannee.com
www.wiewatbewaart.nl
woolszone.com
xe-digital.com
app.zoneplatform.io
Other domains in certificate