Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=elfstudio.app
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
November 07, 2025
Valid Until
February 05, 2026
57 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
20:B7:62:78:C2:69:2C:58:74:7C:D8:1D:C9:30:19:97:1F:16:21:E8:AD:DC:99:BA:52:4D:F3:D8:FA:5B:E9:1A
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
11zoo.com
2025.pueria.pl
vote.kmuexpo.cs.kookmin.ac.kr
www.ep.tr.ac.th
lumora.ai.vn
app.asdcourierja.com
www.breezecolourfulpaintingservice.in
www.bustan.co.za
cahayamuliavalasindo.com
staged.bizzlab.co.in
irod.co.zw
coachsemir.com
controlwebpro.com
cowguard.net
www.cowguard.net
cs-plastering-and-maintainence.co.uk
music.cs505.site
cseupsc.in
echecker.fun
www.echecker.fun
www.eleaima.com
elfstudio.app
purp-pretest.ezschool.info
giadinh.fastvalue.vn
fitb.fun
singapore.g17.eco
gaetgaden.dk
musiccc.gamehub.run
mymusic.gamehub.run
getafeel.com
www.globridgecapitalifsc.com
x-share.gocad.de
heavenly-library.com
qa.horizonte.top
ntk1196.id.vn
ifikratia.com
ignitedbrandz.com
docs.inchurch.com.br
indrasnectar.com
links.inneri.io
merchant.intelibuy.my
www.isc-uk.org
shoplite.itsltd.rw
jnjsoft.co.uk
www.jnjsoft.co.uk
www.just24.in
www.juvenc.com
lady.khan.kr
kieuly.com
www.klasseplanen.no
auth.test1.lecre.kuraemon.com
linkswapr.com
remedi.lucaszafret.com.br
www.menunix.com
deliverytracker.michellemade.com
classic-demo.mysterydeck.cz
modern-demo.mysterydeck.cz
auth.mythea.com
nextaibridge.com
www.nextaibridge.com
www.niceprototypes.com
blog.ninjadev.online
manage.nivedhitaschool.in
placement.oceanacademy.in
panel.ohmobility.com
maintain.omnevu.com
retail.omnevu.com
byteforge.paxus.in
hot-seat.polypoint.dev
printerhp.shop
psudo.app
pupsi.eu
tunts21.dev.quantumrfid.com
domainleap.supporedme.qzz.io
remyos.de
reservationtr.net
ridemart.store
examready.rkutumb.in
study.rkutumb.in
mega.saleshubagency.com
samsungdooras.com
schnellstudio.de
sensationsbymicky.be
www.skepglobal.com
snexpresskuwait.com
docs-preview.solvapay.com
docs.solvapay.com
siroki.statsearch.team
supateam.ai
surchauffe.com
themellowghekko.com
www.thesimpleinformatics.de
truevalleyhomes.com
tusou.run
www.tusou.run
campettogo.virtusrea.it
www.visitplann.com
reviews.vivolux.de
www.yqsy.autos
yqsy.autos
Other domains in certificate