Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=periwinkleelearning.com
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
October 06, 2025
Valid Until
January 04, 2026
44 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
6F:CA:8C:E0:B2:8F:B2:D6:5E:9E:A1:87:98:F5:CE:FF:45:08:4F:03:27:19:33:EC:89:45:28:CA:4B:08:FC:78
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
periwinkleelearning.com
www.4health.is
auth.qa.57hours.com
edit.ahs.app
arden-ai.com
atomical.it
api-eu.atrigam.com
crm.avolta.app
walletplace.bcode.cloud
assets.beccadel.com
app.becovalent.co.uk
www.beet-together.de
resources.belshil.me
lessons.bk0.eu
www.centrodan.dk
auth.cloudalgo.com
www.cloudbasha.com
siumshas.co.il
codesign.today
crackingslate.com
www.dajumeals.com
games.deanworth.com
dodrex.com
doser.app
drentsealliantietheaters.nl
www.dustinfrankel.com
www.ebenezertseh.com
www.edactiv.com
folktale.emiebrands.com
www.evdev.me
c-suite.financialcanvas.co.uk
cybird.fronx.de
gactec.com
www.ruota.gd.si
url.gdsc.app
pay.gimmemore.com
www.gobusinessinc.com
app.greenbunnyfmt.hu
www.gruposercomm.com
www.habitory.com
login.healthy-india.com
vn.hocviendaotao.com
manage.homebox.co.uk
www.igamaapps.com
www.ingeniumedu.com
link-staging.iynk.com
javelinaathleticcamps.com
jgf.app
www.kasianbeauti.com
kratesoft.com
missuenosaunclic.leonisa360.com
www.loupak.com.br
www.manycashback.com
www.marvlist.com
med-scanner.com
www.mexedich.vn
tabs-qa.mobilenxt.app
ld.modernmapart.com
share.momsrising.org
admin-dev.monittor.com
app.nativeslides.com
admin.nopanoga.app
pixmobtools.nubosoluciones.com
www.oxmountainadventurecamp.ie
www.pargavan.com
admin.piti.app
pixelschmiede.com
shop.planet4.life
www.blendmadeleine.order.pulp.eu
www.pumahybrid.com
putfontein.co.za
railroadsolitaire.com
trivialblitzrcgk.rccsonline.com
mastermind.restauwant.com
www.reuternatursteine.de
www.rezar.com
saltandsagebooks.com
sexy6.in
rahim.shareinfo.site
www.shopwithspark.com
sktmytaxi.in
smithgakuya.com
api.soywibo.com
ekin.sulutprov.com
bio-get.sumittuteja.com
swarnakart.com
tapfunstudio.com
tbpoweron.com
testpasser.com
seabid.theseabay.com
tirisiway.com
townandcountrymutual.com
tzetta.com
sys.udify.io
www.udong09.com
upstates.in
vinodandraji.com
www.voose.swiss
www.wasyokusapo.co.uk
weatherdeals.app
Other domains in certificate