Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=coldone.app
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
November 26, 2025
Valid Until
February 24, 2026
89 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
5D:E1:34:28:11:58:35:F5:78:BB:CE:D3:A5:77:C5:A1:7E:4E:05:5A:35:58:AE:9D:28:C2:B1:57:5F:E6:7A:9D
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
www.concertata.io
200east83rd.com
28dayai.com
www.addmii.com
serve.advsync.com
www.affixdigital.com
albero-cooking.com
millgame.alignitgames.com
app.amooto.com
andrerobertlee.com
fenom.bambumeta.software
www.barraza-group.com
bestofthebet.com
deals.bgpeen.com
blte.app
staging.bonx.tech
www.brokberry.com
cmdt-exhibition.com
tour.deliquick.co.kr
codetopro.com
coldone.app
uat.decoda.com.au
www.devcoup.com
s1.dhpit.com
eanate.com
eatforless.mt
admin.eccjan.com
www.echoelite406.com
www.elektroamper.hu
app.esn.pl
globalrussia.eventtravel.app
felixbagur.com
admin.shop.gls-portugal.pt
grayhut.com
app.hallbarbyggnation.se
www.helsinkidigitalhub.com
www.hlolacare.co.za
hyla.io
downloads.ignatiusdeveloper.com
infamouskydiving.com
intranalytix.com
invcreate.com
www.ittae.io
jesuscalling.info
news.jill9.com
terms-analytics.kahero.co
www.kasgai.com
werwolf.lange.click
birthday.mainsbury.com
www.mandalart.me
www.markbryk.com
massagetherapy.org
maximbouckaert.be
mealiberatio.com
calculator-docs.mifinancialplanning.co.nz
miroku.clinic
wellfair.mobileappster.co.uk
muteventures.com
incelemeler.informacion.my.id
myloopinc.com
squads.mytogs.co.nz
www.naturedot.in
nightmoves.ie
admin.oberartisandrums.com
app.osdrmdatabase.online
www.ouchiacademy.co.jp
www.paoxmio.com
patrontekpatti.com
app.pickleballwithfriends.com
apps.pinbit.app
pixoditor.com
bestellen.pizzeria-nihat.de
portuclean.pt
www.powergreedwarandweed.com
www.primevillalonavala.in
clientvip.printemps.com
app.psst.se
staging.api.rarimobiliaria.pt
jeevan-jyoti.remotestate.com
mcrq.rethought.se
emprendamos.rhodium.ooo
www.securelogs.com.au
seekable.uk
sham.rocks
stg.skonnect.io
www.smartchartsnxt.com
songwishes.com
speedline.app
steinek-hronkopff.vip
technokasim.com
www.terragusta.be
downtown29.thediners.in
www.tnx.app
www.trumoto.pro
uat2-gtm.uas.aero
www.universalmediapartnership.com
velograph.app
voteonstream.com
v2.dev.wearesosure.com
zerohoursjob.uk
Other domains in certificate