Open
Cached
·
just now
76/100
SECURITY SCORE
Detected Technologies
Certificate Information
Subject
CN=collately.co
Issuer
C=US, O=Let's Encrypt, CN=R13
Valid From
January 17, 2026
Valid Until
April 17, 2026
59 days
Public Key
RSA
4096 bit
Strong
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
0C:F9:0D:DC:AD:2C:4E:26:08:94:5A:73:80:71:E7:13:27:4D:19:67:C1:71:AA:4B:33:0D:49:58:99:C9:68:51
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Add Strict-Transport-Security header with max-age of at least 1 year
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
90 domains
collately.co
*.collately.co
*.ww25.collately.co
19bam.site
*.19bam.site
1day1ddal24.site
*.1day1ddal24.site
1win1winnnnnnkrot.pw
*.1win1winnnnnnkrot.pw
1wraex.top
*.1wraex.top
1xlite-314646.top
*.1xlite-314646.top
7lordserial.fun
*.7lordserial.fun
ag-logistics.store
*.ag-logistics.store
agshoes.online
*.agshoes.online
ahorayuda.store
*.ahorayuda.store
aibro.site
*.aibro.site
befactory1.info
*.befactory1.info
bewley.store
*.bewley.store
*.aminamat.devianart.com
*.animedays.devianart.com
*.asunan.devianart.com
*.bad18inc.devianart.com
*.calciumrocpro.devianart.com
*.childheroes.devianart.com
*.claudio-gonzalez.devianart.com
*.com.devianart.com
*.cygaj.devianart.com
*.denniscmhmy.devianart.com
devianart.com
*.devianart.com
*.devil.devianart.com
*.doodlesdedasarcofago.devianart.com
*.fallandark.devianart.com
*.fineappletart.devianart.com
*.hawkxs.devianart.com
*.jeffhog.devianart.com
*.josemauricio.devianart.com
*.lastovich.devianart.com
*.livori.devianart.com
*.mitenitesnow.devianart.com
*.sbel02.devianart.com
*.shokisan.devianart.com
*.silver-rozen.devianart.com
*.smolb.devianart.com
*.stevejemtrud.devianart.com
*.tuwansisa.devianart.com
*.email.footermail.com
footermail.com
*.footermail.com
*.mail.footermail.com
*.ww38.footermail.com
gimmickry26.fun
*.gimmickry26.fun
*.sitemaps.gimmickry26.fun
hullfencing.co.uk
*.hullfencing.co.uk
*.new.hullfencing.co.uk
*.ww25.hullfencing.co.uk
metroscope.com
*.metroscope.com
*.mold.metroscope.com
*.ww16.metroscope.com
*.ww38.metroscope.com
*.5024.mieux.online
mieux.online
*.mieux.online
*.best-switch-roms-reddit.nexovia.cfd
nexovia.cfd
*.nexovia.cfd
*.app.qmui.club
*.mail.qmui.club
*.mx4.qmui.club
qmui.club
*.qmui.club
*.ww25.qmui.club
*.www.qmui.club
streameat.ch
*.streameat.ch
*.ww38.streameat.ch
yhg.com
*.yhg.com
Other domains in certificate