Open
Cached
·
just now
86/100
SECURITY SCORE
Certificate Information
Subject
CN=dameware.com
Issuer
C=US, O=Let's Encrypt, CN=R12
Valid From
December 15, 2025
Valid Until
March 15, 2026
72 days
Public Key
RSA
3072 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
6D:BB:B3:6F:5E:5A:3D:51:EA:71:64:FF:22:FA:F3:20:37:1E:4D:8B:AB:44:5A:24:16:53:27:33:52:17:42:39
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Weak
max-age=0
Content-Security-Policy
Basic
script-src; object-src; base-uri; +1 more
script-src 'nonce-4bf36b8439d776cb8b98996c4a7eb00e' 'unsafe-inline' 'self' blob: 'strict-dynamic' *.vanillacommunities.com *.adobedtm.com *.solarwinds.com 'wasm-unsafe-eval' https://developers.panopto.com https://embed-cdn.gettyimages.com https://s.imgur.com https://platform.instagram.com https://platform.twitter.com https://cdn.syndication.twimg.com https://www.instagram.com/embed.js https://www.google.com; object-src 'none'; base-uri 'self'; frame-ancestors 'self'
X-Frame-Options
Good
SAMEORIGIN
X-Content-Type-Options
Good
nosniff
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Improve CSP by adding more specific directives and removing 'unsafe-inline'
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
69 domains
thwack.community
8man.com
www.8man.com
appoptics.com
changes.appoptics.com
admin.dameware.com
dameware.com
dnsstuff.com
tools.dnsstuff.com
ftpvoyager.com
www.ftpvoyager.com
www.ipmonitor.com
itproday.org
kiwisyslog.com
loggly.com
www.logicalread.com
blog.papertrailapp.com
help.pingdom.com
livemap.pingdom.com
royal.pingdom.com
st-livemap.pingdom.com
rhinosoft.com
www.rhinosoft.com
community.samanage.com
help.samanage.com
www.community.samanage.com
www.samanage.com
demo.serv-u.com
serv-u.com
www.solarwinds.cloud
solarwinds.cn
www.solarwinds.cn
dam.solarwinds.com
demo.solarwinds.com
do.solarwinds.com
go.solarwinds.com
helpdesk.solarwinds.com
internalregistration.solarwinds.com
ipmonitordemo.solarwinds.com
ir.solarwinds.com
knowledgebase.solarwinds.com
lab.solarwinds.com
nurture.solarwinds.com
orionalpha.solarwinds.com
partners.solarwinds.com
redirects.solarwinds.com
solarwinds.com
store.solarwinds.com
traceview.solarwinds.com
ucr.solarwinds.com
webredirect.solarwinds.com
whddemo.solarwinds.com
www.it-trends.solarwinds.com
www.support.solarwinds.com
solarwinds.jobs
www.solarwinds.jobs
redirects.solarwinds.net
solarwinds.net
webredirect.solarwinds.net
solarwindsmeetup.com
swiroadshow.com
www.swiroadshow.com
tek-tools.com
thwackcamp.com
www.thwackcamp.com
www.trigeo.com
vividcortex.com
www.vividcortex.com
webhelpdesk.com
Other domains in certificate