Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=collabinator.io
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
December 07, 2025
Valid Until
March 07, 2026
87 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
D6:35:8A:9C:5F:22:11:02:90:D0:5A:F8:E9:21:54:6B:EC:A3:05:1B:21:90:00:CB:70:32:26:EC:03:56:B2:09
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
3earsyield.com
1bio.me
www.4-20.io
v2.crm.additive-apps.eu
aiquizr.com
aksasakaprioritas.com
www.chat.alignera.ai
schema-editor.alpine.io
amityonlinelearning.com
www.gstapi.appyflow.in
www.armingurdic.com
artisthouseparty.com
astrarcmconsulting.com
www.batista.digital
app.beetbytes.com
cookies.biloba.com
bitecrunch.com
mobile-prodva.bizopsapp.com
blog.cameron.rs
dev.admin.carteiracliente.com.br
forms.childpilot.com
cityklippetvandao.com
closefood.es
collabinator.io
flipbundle.com.bd
hackathlon.decathlon.com
decentmail.com
global.designer-hire.com
greca.mb.dev.br
dgdavia.ae
www.dheerajmarda.com
www.doihavethatcard.com
d1-myproductbook.dpd.co.uk
www.drnagymelaniaugyved.hu
uat.checkin.c21school.edu.kh
admin.esncosmos.com
esportes.online
www.exportconnectportal.com
www.forskolankorallen.se
goldenticket.xyz
gorillasports.at
klerik.grevling.dev
healybot.com
emil.hessman.se
housepurchasedirect.com
housingseek.com
handburger.hypersolutionsph.com
idontgetchaofficial.com
dianayugo.invito.click
app.iotize.com
ipepera.com
jnralegacy.com
app.jorigine.fr
katonakes.hu
pwa-dev.keynexis.com
kisakijapanindustries.com
lamacat.com
shop.liveb4buy.com
ja.loap-software.com
www.lolabray.com
mdrbuildingservices.com
www.medyatarayici.com
fdyn.tessabit.meetalpha.it
auth.menulook.io
dashboard.metadocapp.com
links.metricasdigitais.com.br
attach-prod.mikmak.tv
www.fidelidade.moub.com.br
web.mrgutter.app
stage.myfolio.com.au
uat.nafa.ai
www.nocturnal.work
www.omise.town
new.optimusspark.com
www.perlfitness.com
we-goal-together.plug2dream.com
www.pradostudios.games
auth.pricedive.ai
ptrgv.org
pulapps.com
quantumopus.io
schultek.de
shamalk.com
stableswitch.com
www.swarmoperative.com
staging.admin.the-beauty-book.de
thejasondong.com
ticketand.com
plantsome.timeglass.nl
stage.tinkermachines.app
www.toslide.com
www.urbanlyfe.in
midas-staging.usecorner.io
vahidashtari.dev
cloud.vert.farm
voteinn.com
wttech.com.au
www.xcom.dev
xcom.dev
yogs.stream
Other domains in certificate