Open
Cached
·
just now
76/100
SECURITY SCORE
Certificate Information
Subject
CN=certify.chat
Issuer
C=US, O=Let's Encrypt, CN=R13
Valid From
February 04, 2026
Valid Until
May 05, 2026
86 days
Public Key
RSA
4096 bit
Strong
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
0D:BC:D3:77:71:87:C2:82:41:9E:E0:C8:27:5D:1B:07:F4:9E:D2:5D:FA:69:38:FD:94:3E:F3:CB:A6:21:BD:8F
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Missing
Not configured
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Add Strict-Transport-Security header with max-age of at least 1 year
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
90 domains
cerber.cc
*.cerber.cc
bipinnatisected.com
*.bipinnatisected.com
birthdefect.center
*.birthdefect.center
bislacco.it
*.bislacco.it
blackjacks.us
*.blackjacks.us
blossombridgeboost.live
*.blossombridgeboost.live
bogar.us
*.bogar.us
boros.it
*.boros.it
brokered.it
*.brokered.it
brutal.one
*.brutal.one
btlx.pro
*.btlx.pro
busybeedesigns.com
*.busybeedesigns.com
buxer.org
*.buxer.org
buy-gearlab.shop
*.buy-gearlab.shop
bzbkl.com
*.bzbkl.com
cageverse.com
*.cageverse.com
camion.vip
*.camion.vip
canada-auto.com
*.canada-auto.com
car-insurance-232824359.click
*.car-insurance-232824359.click
catalystbrandstrategy.co
*.catalystbrandstrategy.co
cellularepair.it
*.cellularepair.it
cenno.it
*.cenno.it
certifiedapppork.com
*.certifiedapppork.com
certify.chat
*.certify.chat
chainagnostics.com
*.chainagnostics.com
cherishedweddingdays.beauty
*.cherishedweddingdays.beauty
chibichibi.org
*.chibichibi.org
chooses.it
*.chooses.it
chukui.com
*.chukui.com
chunxiaoge.xyz
*.chunxiaoge.xyz
cib.me
*.cib.me
cinemalove.studio
*.cinemalove.studio
claims.bot
*.claims.bot
classupcrew.com
*.classupcrew.com
clearwaterjourney.com
*.clearwaterjourney.com
cleverdesign.info
*.cleverdesign.info
clou.design
*.clou.design
cloud-storage-pe1.click
*.cloud-storage-pe1.click
cloud-storage-pe2.click
*.cloud-storage-pe2.click
coachonlinenz.com
*.coachonlinenz.com
colatvxv.vip
*.colatvxv.vip
completeit.us
*.completeit.us
concrete-repair-us26-dp.click
*.concrete-repair-us26-dp.click
consival.top
*.consival.top
consultoraexpertinsta.site
*.consultoraexpertinsta.site
Other domains in certificate