Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=collosus.ai
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
October 08, 2025
Valid Until
January 07, 2026
55 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
97:E2:2A:11:15:B1:56:97:CC:78:09:14:D4:95:4C:F2:D5:88:25:6D:BC:E4:04:4B:9E:3B:08:8B:49:F4:3D:13
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
stormyapp.com
www.ahha-studio.com
www.ajion.co
andrick.xyz
sabroso-admin.anyware.software
appxamine.com
ventas.assureforlife.com
burnout.backslashdemo.com
www.ballhop.co
ballycastle-accommodation.com
link.beautycheck.it
billfan.ca
app.box2box.es
www.buddyexpress.com
apply.caarya.life
www.callnection.com
www.carely.app
carlopati.com
cashooz.com
www.chat-api.com
chembondflux.com
www.clemystore.com
www.alive.aia.co.th
www.codeschoolusa.com
collosus.ai
dearmyforest.com
www.debandjun.com
diegofcoluna.com
dineindeals.co
enterprise.docma.ca
www.atendimento.dropdesk.com.br
push.eventx.co
executask.com.br
www.facundoleites.com.br
famenu.app
fhamortgageloanlimits.com
www.fit-n-beauty.com
freshnfreezy.com
friendsfitness.co
www.ggranum.com
words.gregsherrid.com
happybirthdayrachel.com
www.harrisonhaigler.com
app.hellhelp.com
imp-ulse.com
client.impactplus-investing.com
app.india.com
www.instrumentationhkco.com
gtdemo.itpeople4u.com
jacquelinescakes.com
dev.webview.kairosgame.com
techserv.katapultpro.com
ny.kinetik.care
koshka.se
kourtellos-architects.com
la-neuro-gym.fr
redcontrol.marcafranca.com
mayson-llc.com
en.medicalana.com
blog.mkiuchi.org
stock.mozys.de
app.muahanguc.com.au
safepass.myozinaung.com
contrib-test.naloxofind.com
www.nidaglass.ma
nogasport.com
nozhikov.club
www.nueveolas.es
nutrientcheck.com
test.oryxgo.app
pathtechinc.com
stageqa8.peppybiz.com
cascades.phenom-ideas.com
www.plasticaclube.com
www.polemovebook.com
quickli.io
www.reproducedpapers.com
reverse.vc
www.robotlions.com
auth.dev.routestack.nl
salesmindsetsystem.com
sanhornchen.website
saniba.co
epharmacy.sativite.com.au
schroederssoftwaresolutions.com
auth.google.setplay.tv
sidapecas.com.br
silentriversmallmouth.com
simongarton.com
gsuvote.sqwadhq.com
steeltechmfg.com
dude.tallyfor.com
tap4menu.app
therenthyr.com
toponavi.info
www.tubelaces.it
www.viasacra.band
vmgmc.100.pn
events.vx-events.com
www.windsurfsantapola.com
Other domains in certificate