Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=www.chp.zp.ua
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
October 26, 2025
Valid Until
January 24, 2026
62 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
CC:13:D3:72:44:1A:91:E1:95:EB:D9:44:2D:75:B1:CC:E9:06:02:50:25:59:B5:32:D8:F4:89:9C:04:F0:E1:6E
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
adconsultinghh.com
8oktas.com
www.kalyna.activia.ua
flash-report.cdp.adeo.cloud
dharmapuri.akdroptaxi.com
dindigul.akdroptaxi.com
erode.akdroptaxi.com
kanchipuram.akdroptaxi.com
nilgiris.akdroptaxi.com
ooty.akdroptaxi.com
pondicherry.akdroptaxi.com
viluppuram.akdroptaxi.com
carnet.alborea.app
aliran.com.mx
app.astralbilling.com
csh.augmity.com
autosprink.com
avttour.com
web-mobile.balin.app
play.bngo.app
www.bostonautoexperts.com
templater.bradteague.com
www.c911.me
ad.capitaopoco.org
www.caregiverafrica.com
app.challenge-insure.ru
www.chilearmas.cl
butagaz.civitime.com
derpferd.net
dewanpers.org
doug-orchard.com
appsetting.egp.vn
eliasgonzalez.me
api.ellingson.app
enderapilot.com
www.esprit-gospel.fr
hertzschepressung.eveandelse.de
farmertech.cc
prd-admin-new.fix4.com
randomizer.fluin.io
legal.fsfleetwms.com
user-management.fsfleetwms.com
gigstack.pro
www.giovannisconstruction.com
mathsquiz.harrydmorgan.co.uk
heavensentspiritualcentre.co.uk
himmobilier.ch
www.hofer-weinmesse.de
homedevicedetector.com
www.horvathmobilgumis.hu
test-pay.hti.app
huckleback.net
optihome.in.ua
m.kiadrummondville.com
www.kolibriapp.de
emojis.l0m.de
lacera.az
cfc-performance.lernit.app
www.limitlessstagingrentals.ca
linehopper.app
londiniumarchitects.co.uk
www.lukeisawesome.com
biz.mainclass.com.br
shea.mattsturdy.co.uk
sls.mobilenxt.app
mymixmatch.com
nuchat.com
oinvestidorbrasileiro.com.br
omicode.info
app.staging.panda-cloud.co.uk
joiniwd.parallel.live
www.penisbutthole.com
api.docs.phishar.io
play.photoroulette.app
ios.demo.ponymakers.com
priemerznamok.sk
prograchallenges.com
www.prolaranda.com
pon-sprintboard.qlouder.com
www.riksnelders.nl
www.ryan.wtf
www.ryanzakariudakis.me
searles.co.za
prod-horizon.static.securetheorem.com
player.seenspire.com
app.superbooking.ai
surf-snap.com
app.t-bit.io
portal.te3co.app
www.thevincentn.ca
integra.uc2bbh.com.br
uxpure.com
www.veyselace.com
viibe.app
login.visity.app
wecare-app.ca
wlbteam.com
zenapp.zehnda.com
link.zo.nl
www.chp.zp.ua
Other domains in certificate