Open
Cached
·
just now
76/100
SECURITY SCORE
Detected Technologies
Certificate Information
Subject
CN=coloradoholistichealthplan.com
Issuer
C=US, O=Let's Encrypt, CN=R12
Valid From
May 19, 2026
Valid Until
August 17, 2026
56 days
Public Key
RSA
4096 bit
Strong
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
96:30:C4:1D:B8:E6:2A:2A:65:92:B2:D4:C1:41:58:1B:36:FB:6B:97:40:28:23:00:2E:D4:8E:6F:A0:76:BA:AE
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Add Strict-Transport-Security header with max-age of at least 1 year
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
88 domains
lestari-informatika.com
*.lestari-informatika.com
bokepinaja.co
*.bokepinaja.co
bookofbooty.com
*.bookofbooty.com
brillivio-editor-by-shio.com
*.brillivio-editor-by-shio.com
business-mailing-list-marketing.com
*.business-mailing-list-marketing.com
bynder.co
*.bynder.co
byrdpark.net
*.byrdpark.net
caller2contact.org
*.caller2contact.org
cantrellwoodworks.com
*.cantrellwoodworks.com
careyrealtylawgroup.com
*.careyrealtylawgroup.com
carolinamtgspec.com
*.carolinamtgspec.com
chanelflix.co
*.chanelflix.co
chaowu2016.com
*.chaowu2016.com
cheeritonsports.com
*.cheeritonsports.com
christinahurley-scott.com
*.christinahurley-scott.com
circana.co
*.circana.co
citrusolutionsouth.com
*.citrusolutionsouth.com
cjsfashionformen.com
*.cjsfashionformen.com
coloradoholistichealthplan.com
*.coloradoholistichealthplan.com
contentmarketingatscale.com
*.contentmarketingatscale.com
cpaofsanmarino.com
*.cpaofsanmarino.com
furiadetitanesluchalibre.com
*.furiadetitanesluchalibre.com
gerlandoinfuso.com
*.gerlandoinfuso.com
getchampion.co
*.getchampion.co
goodgatorgames.com
*.goodgatorgames.com
gronvalito.cfd
*.gronvalito.cfd
gulf-hudson74.com
*.gulf-hudson74.com
hijosdelaguerra.com
*.hijosdelaguerra.com
historichomehunters.net
*.historichomehunters.net
holiday-whitsundays.com
*.holiday-whitsundays.com
iching-online.org
*.iching-online.org
jeanninekbrownonline.com
*.jeanninekbrownonline.com
johnatatum.com
*.johnatatum.com
jraxfy.cc
*.jraxfy.cc
juecesinfanciamercosur.org
*.juecesinfanciamercosur.org
kansascitypianotuning.com
*.kansascitypianotuning.com
karensbeautifulhomes.com
*.karensbeautifulhomes.com
katemputnam.com
*.katemputnam.com
kyontap.com
*.kyontap.com
lapiqurestudios.com
*.lapiqurestudios.com
laposteria1817.net
*.laposteria1817.net
leagueofwomenbowlers.org
*.leagueofwomenbowlers.org
leanstreammedia.com
*.leanstreammedia.com
leon-casino-z95bl.top
*.leon-casino-z95bl.top
Other domains in certificate