Open
Cached
·
just now
83/100
SECURITY SCORE
Certificate Information
Subject
CN=app.collagemaker.uk
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
December 29, 2025
Valid Until
March 29, 2026
70 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
53:AC:3C:75:37:FD:EC:3B:92:5D:89:36:76:C2:A1:B3:EF:9D:E4:0A:AC:60:86:5B:FC:78:CB:B3:B4:B8:A1:A2
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Good
SAMEORIGIN
X-Content-Type-Options
Good
nosniff
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
murshidukum.com
bangalore.akdroptaxi.com
akwaabaconnect.com
allsmilessvg.com
services.anoraspaces.com
antsolutions.co.za
www.asc789.com
ayushvij.com
www.biwagames.com
app.bkktennis.com
maidapp.bookmybai.com
dev.budgethelper.app
www.cade.technology
www.calstateroofing.com
kommer.canalstreet.se
app-16.dev.carto.com
centrosportivolacontessa.it
file.checkboard.com
agent.ucash.co.in
www.jenishsign.co.in
app.collagemaker.uk
concursopianouyu.com
digitech.conqurx.com
crcforms.com
console.dilao.in
dev.edtbank.com
devtuyensinh.td.edu.vn
app.escolaedti.com.br
www.pokymon.eu.org
www.fenixpool.fr
accounts.ffid.com.br
devguest.forzaenterprises.com
fumerosport.com
devfest18.gdgcbe.com
www.getreplayapp.com
gkcorp.dev
dev.gostream.co
skiptrace.growthipedia.com
image.hairmake-theater.com
highwinecadeaubon.nl
howmull.com
www.iadentalflow.com.br
idelab.com
indiwheel.com
inkwealthy.com
showcase.inspireacademy.dance
inversionescelect.com
ismylegacy.com
itamarassumpcao.com
itsyouritpartner.com
jill9.com
jscimoveis.com
habits.judelwin.com
www.juhispeaks.com
karmicfilms.com
kateclarkphoto.com
kiddushhodesh.com
share.klinikals.com
www.kona-ar.com
letsforecast.com
www.llect.org
www.auth.loukaaa.com
www.loungesprouts.com
60.lucafloesser.me
lumenol.com
mohamed-soliman.com
mywnetwork.com
neilcurry.com
neovault.app
www.neurojour.com
2019.ng-de.org
www.nicholasfisher.me
app.nuclearengineering.in
ollierou.com
www.onarimachi-shokudo.com
media.olafrikamediafoundation.org.za
ts-linq.ornstio.com
sobre.petlog.me
rfadvice.portfoliolink.co.za
arc.prane.biz
www.proengsul.com.br
propatchandseal.com
www.puffindesign.ca
www.qaryos.fr
www.rtanna.me
ca.sankalaniitk.in
attendances.saturnal.be
sequencediagram.xyz
gym.sportswisdom.online
www.squireconsultancy.com
canglong.ebot.stedu.vn
thanhtri.ebot.stedu.vn
suntex.tw
taif-app.ly
p20-dev.timeline.click
deeplink.tc.travelcard.nl
trinity-plan.jp
udlejningsventilator.dk
wowleads.pro
www.xueying.business
Other domains in certificate