Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=app.dilemmainsights.com
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
September 18, 2025
Valid Until
December 17, 2025
33 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
38:F2:7C:83:A5:A9:51:FD:FA:9C:CA:E3:C8:87:FC:1A:4B:1D:DE:05:BC:76:0C:49:FF:55:4E:9E:EA:1B:34:EE
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
www.ksu-quest.com
teatr21.180hb.com
dev.209aircadets.co.uk
admin.adlibitum.com.br
alecng.ca
almdata.com
andnuts.store
www.angel.uy
hireeasy.apxor.com
www.autismchat.net
smarttools.avanichavan.com
www.axono.at
www.bantumart.com
beta.bestinvoicing.com
go.borra.today
auth.app.chatdaddy.tech
www.ciskodisco.com
www.cloutch.com
agent.szfns.co.kr
stylerecipe.co.kr
www.samala.co.kr
www.dairyhomeorganic.com
deal-reel.com
promos.definedcleaning.com
desenvolvedor.vip
app.dilemmainsights.com
ms.diskito.eu
doradolist.com
faf4-wb-old.sachso.edu.vn
faf4-wb-v2-old.sachso.edu.vn
faf5-wb-v1.sachso.edu.vn
gd-stem-lop1-old.sachso.edu.vn
gd-stem-lop2-old.sachso.edu.vn
lifekinnex.ekinnex.com
emrpfoundation.org
feremcare.com
www.flight-friend.com
flohbay.de
app.football-live-score.com
francapovilla.com
www.fredericferrando.com
gamedez.com
georest.ge
buydev3-links.gojabu.com
pay.sandbox.pairpoint.gr4vy.app
gttecnology.com
hallstatt.ru
hanialhaddad.com
app.harristhomas.com
baitapbuoi3.id.vn
conchoconmel.id.vn
www.ihold.co.za
www.impact-and-values.com
krusangtawan.in.th
www.indyvanoijen.nl
infast.com.mx
www.interdatax.com
demo.issuance.com
hangout.itdogtics.com
clipboard.ivybrookacademy.com
www.julienmoulin.tech
invest.landex.ai
login.leap360.com
www.leclercqantiquites.com
pullit.leshem.life
littleheavendaycare.org
admin.londoncallingrecords.com
www.luxe360la.com
magadhmission.com
margav.ca
masterwithmahi.com
www.mira.network
www.smart-cloud-ide-lp.moff-bear.com
dev.montri.fr
nakamuraya.com
uae.nationalday.ai
demo.parkey.io
reversi.popoko.live
pracowniagosia.pl
www.rajnishanand027.in
dentons.redacted.ai
manage.hunt.redsols.com
richardengl.de
riyominternational.com
score.roundnet.lv
www.ryryryan.com
ctf.security1.io
essential-group.smudge.dev
platform.stylers.cloud
subtlesolution.site
app.tasq.me
trade.flex.ton.surf
www.topdrivegroup.com
www.triestefamily.com
agency.userea.com
vasukiessentials.in
rapid.vihaga.dev
vitall.lv
www.webdevmonk.com
splitspaces.yodelit.co
Other domains in certificate