Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=colorpop.studio
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
December 30, 2025
Valid Until
March 30, 2026
71 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
C3:EA:64:BB:85:A3:82:2F:17:3C:B0:5E:12:DB:83:80:D4:29:1A:10:06:F7:89:D7:CE:77:A4:3A:24:AF:8C:18
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
bethanyborrough.com
www.1000yen.app
accedeceramics.com
www.activologym.it
addinglobal.org
agastyapeetam.org
www.agencykr.com
alcanzate.com
algaecrop.org
testone.allacarta.app
ws.almeraim.com
editor.arina.one
www.atosrealiza.com.br
cortex.auchan.fr
axtmann.me
pnp-scanner-staging.b-arro.ws
asia.bandai-tcg-onlinelobby.com
www.bapeplay.com
bigbreaches.com
mre.blackfin.tools
certifi.cloud
challenged.app
cheeronlife.com
app.churni.io
claimsolution.biz
colorpop.studio
www.suprimpoudel.com.np
www.coqobecgouin.com
link.credilio.in
cypherpunk.world
danbudworthmead.com
dentaia.site
dmarketing.ro
app.dochaspsych.com
dev.store.easygolf.vn
tracking.englishtown.edu.vn
emanuelechioso.com
learn-bulgarian.enment.net
etts.in
exalor.com
www.fabianodermatt.com
fiyikstudios.co.za
florianklein.me
fm7077.it
gameburlastudios.com
getachewmulat.com
files.ggtk.app
app.grateful.today
growthmindsettutoring.com
cumin-coral.harecord-dev.com
herrerogames.com
isiandsian.hitchd.com
ibees.app
intersa.ec
investchamp.app
www.invoicego.app
jeri.app
kisangrp.com
langkaamulet.com
www.lazytexts.com
www.mariosodigie.com
maxkeppeler.com
migihome.pro
lprn-transaksi2025.my.id
natalsimplicidade.org
251.neovasi.com
www.nicolatiani.com
www.obum.me
actor.ondrejbures.com
oneclub.backstage-dev.oneclass.vn
www.orderbuddy.net.au
pdbn.world
peppyhome.com
m.pharmacyone.io
policies.pltfrm.jp
profilelink.app
baywa.rgateway.it
fortcollins.salsite.com
www.samfentress.me
seattlechange.org
singinglessonsbournemouth.com
sentry.slz.lol
api.spacemer.com
sportongo.com
streetart.app
www.sympathique.me
www.talktoany.com
tamilsonglyrics.net
www.tdespenza.com
tensorbrick.com
thegroup.asia
www.thompsonharris.com
toloctoloc.com
terms-agreement.uricall-stg.com
ajuda.vendergas.com.br
vizpulse.ca
ops.washdoctors.co.uk
wattpeak.co.uk
whatwas.org
app.work.life
Other domains in certificate