Open
Cached
·
just now
76/100
SECURITY SCORE
Detected Technologies
Certificate Information
Subject
CN=catches.it
Issuer
C=US, O=Let's Encrypt, CN=R13
Valid From
April 29, 2026
Valid Until
July 28, 2026
36 days
Public Key
RSA
4096 bit
Strong
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
0C:E5:C6:3F:8D:88:56:45:A5:6F:B5:1D:68:94:CE:DB:92:CD:FE:BB:ED:84:E4:75:2E:79:73:54:0A:6C:84:CF
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Add Strict-Transport-Security header with max-age of at least 1 year
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
90 domains
catches.it
*.catches.it
*.metrics.catches.it
*.reporting.catches.it
*.visual.catches.it
coff.life
*.coff.life
*.gov.coff.life
*.mobile.coff.life
*.sitemap.coff.life
*.0bd3c5fc-97b3-42e9-baba-9c9dcae8269c.drembaby.be
*.138393ef-fe30-49fe-b93b-334335582638.drembaby.be
*.423bb8ff-b0cb-4570-9ce8-bea654736002.drembaby.be
*.497affa6-1cbc-433d-bc1f-acf538c2809c.drembaby.be
*.account.drembaby.be
*.admin.drembaby.be
*.app.drembaby.be
*.backoffice.drembaby.be
*.bbs.drembaby.be
*.bqymdzor.drembaby.be
*.caizsmagento.drembaby.be
*.cpanel.drembaby.be
*.crm.drembaby.be
drembaby.be
*.drembaby.be
*.eb86b309-9775-459d-b45e-0a805e835ebc.drembaby.be
*.email.drembaby.be
*.emv1.drembaby.be
*.erp.drembaby.be
*.ftp.drembaby.be
*.gitlab.drembaby.be
*.home.drembaby.be
*.imap.drembaby.be
*.info.drembaby.be
*.ipv6.drembaby.be
*.lijst.drembaby.be
*.liste.drembaby.be
*.localhost.drembaby.be
*.m.drembaby.be
*.mail.drembaby.be
*.new.drembaby.be
*.news.drembaby.be
*.notexistsww43.drembaby.be
*.ns.drembaby.be
*.office.drembaby.be
*.old.drembaby.be
*.panel.drembaby.be
*.pop.drembaby.be
*.portal.drembaby.be
*.s1.drembaby.be
*.secure.drembaby.be
*.service.drembaby.be
*.sitemap.drembaby.be
*.smtp.drembaby.be
*.store.drembaby.be
*.wcupokrn.drembaby.be
*.webdisk.drembaby.be
*.whm.drembaby.be
*.wss.drembaby.be
*.ww.drembaby.be
*.ww16.drembaby.be
*.ww38.drembaby.be
*.ww43.drembaby.be
*.ww6.drembaby.be
*.ww7.drembaby.be
*.yohzgaccount.drembaby.be
*.zeifuemv1.drembaby.be
*.zmmxuwhm.drembaby.be
hoyea34ka.cc
*.hoyea34ka.cc
*.ww25.hoyea34ka.cc
karnatakafiles.com
*.karnatakafiles.com
*.ww25.karnatakafiles.com
*.ww38.karnatakafiles.com
*.www.karnatakafiles.com
pcp-pays-andins.com
*.pcp-pays-andins.com
*.admin.tubeyork.com
*.ecdn3.tubeyork.com
*.ecdn4.tubeyork.com
*.magento.tubeyork.com
*.stat.tubeyork.com
*.store.tubeyork.com
*.student.tubeyork.com
*.support.tubeyork.com
tubeyork.com
*.tubeyork.com
*.users.tubeyork.com
*.ww38.tubeyork.com
Other domains in certificate