Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=dream-lab.studio
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
October 23, 2025
Valid Until
January 21, 2026
68 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
C8:20:9F:00:72:D2:D1:47:8C:6B:C7:36:65:F0:7C:59:AA:B8:12:0B:0D:BE:BC:2A:EE:C9:BE:CF:E6:21:70:7F
Alternative Names
Security Configuration
TLS Protocols
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
surfpay.se
www.adpr.org
www.k-implant.ai.kr
alphascreative.com
auth.donna.app.br
apriori.ai
attilav.com
austroengg.com
www.banklogs.shop
admin.basil.menu
www.bombastic-muellheim.de
caed.app
fifa-calculator.celtian.eu
app.charkoal.ai
chicagojets2014.com
shantisdesigns.co.ke
www.aimmo.co.kr
hr.mwa.co.mz
conectametal.com.br
createdbyx.com
creditai.sg
www.creditai.sg
daycontracting.ca
deepsynk.tech
web-sporter-frontend.staging.havencentrum.delcom.nl
web-sporter-frontend.staging.pa-pvm.delcom.nl
dream-lab.studio
ensilio.com
exploredubaievent.com
fixurcredit.org
flashradarapp.com
skyeischihuahua.fluv.me
fromtherumormill.ca
fromtherumormill.com
garyportfolio.com
gazzstudios.com
germiva.com
app.getheadstrong.xyz
gl-acc.050316.xyz
greetings-now.com
www.hearttoheartproject.org
www.helloyobo.com
auth.hostpdf.com
hyperliftpr.com
app.market.wk.ingentics.com
app.messenger.wk.ingentics.com
interglobetc.com
isupportfarmer.com
www.kandtconsultancy.com
chatbubble-staging.kindly.ai
snowromance.kro.kr
lenzora.store
www.loomint.io
lynxargonop.com
mapnotes.io
mediadesain.com
mobilerepairandmore.com
www.mobilerepairandmore.com
dev.musaffarindustries.com
dev.superadmin.my-mag.fr
superadmin.my-mag.fr
gamehub.jannat.my.id
calendar.mybalinese.com
status.netcore.net.br
www.neurohire.ai
particlewaves.org
pijan.space
www.pijan.space
www.pupcoa.ch
pupcoach.com
www.pupcoach.com
www.pupcoach.io
www.quantumhivetech.com
www.readaily.app
www.roboflow.ai
saruhanoymaci.site
scaledesign.id
shelby.ventures
www.shelby.ventures
www.shopreal.app
www.skillsconsulting.cl
snootoverpa.ws
test.stoniqapp.com
www.street-child.co.uk
sudeshkumar.info
console.superinfo.com.au
tajima-floor.jp
theonecleaning.com.au
www.theonecleaning.com.au
thesimpleclub.de
app.tmpr.co.jp
trasloco.biz
uwcbc.org
layovered.visa2fly.com
tripptrupp.visa2fly.com
viwaterproofingsolutions.com
mifz.webcard.live
wowtracks.com
marketpulse.zenithcodestudio.com
zvconsulting.llc
Other domains in certificate