SSL Certificate Analysis for console.clicknpark.com - Security Grade & TLS Configuration

Open Cached · just now

77/100 SECURITY SCORE

Certificate Information

Subject

CN=pronahub.store

Issuer

C=US, O=Google Trust Services, CN=WR3

Valid From

January 05, 2026

Valid Until

April 05, 2026 83 days

Public Key

RSA 2048 bit Adequate

Signature Algorithm

SHA256-RSA

SHA-256 Fingerprint

EC:BE:D9:D0:F6:2E:84:CA:26:34:E9:09:7A:A9:31:6E:3B:BC:5D:70:EC:0F:BD:46:3F:2F:D1:AE:1B:3A:85:01

Alternative Names

100 domains

Security Configuration

TLS Protocols

TLS 1.2 TLS 1.3

Forward Secrecy

Supported (Modern clients use PFS)

HTTP Security Headers

Status

Strict-Transport-Security

Present

max-age=31556926

Content-Security-Policy

Missing

Not configured

X-Frame-Options

Missing

Not configured

X-Content-Type-Options

Missing

Not configured

Referrer-Policy

Missing

Not configured

Permissions-Policy

Missing

Not configured

Recommendations

• Increase HSTS max-age to at least 1 year and add includeSubDomains
• Add Content-Security-Policy header to prevent XSS attacks
• Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
• Add X-Content-Type-Options: nosniff
• Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
• Consider adding Permissions-Policy to control browser features

CAA Records (Certificate Authority Authorization)

CAA Records

Not Configured (Any CA can issue certificates)

CAA Issues

• No CAA records configured - any CA can issue certificates

Recommendations

• Implement CAA records to restrict which CAs can issue certificates for your domain
• This adds an extra layer of security against unauthorized certificate issuance
• Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
• Consider adding 'iodef' record to receive security incident reports

Subject Alternative Names

100 domains

console.clicknpark.com insights.clicknpark.com patrol.clicknpark.com payments.clicknpark.com support.clicknpark.com take-ticket.clicknpark.com

Other domains in certificate

aginidhi.com

ahmadgroup.pk

akyavi.com

ewujp.algoramming.com

crypt.amerkovacevic.com

archnbuild-tech.com

beyondhorizononline.com

admin.bolpurmart.com

message.camjo.com

carlaedu.com

cartculator.app

catalogtrack.com

nilko.chavi.com.br

www.chessatbod.co.uk

cryptoid.ai

makeit.davidandgeorge.com

clara.dashboard.deusidt.com

admin-staging.digiqc.com

contact.digitup.studio

app.dijinx.com

dynastron.com

eaitalento.com

echo-share.com

storeconnect.admin.eiosys.com

www.elitesamui.com

ephesustechnology.com

www.faygogamesshop.com

goldencompliance.com

www.gorillamath.com

guelpheyemd.com

habiboard.com

cuongnguyen06.id.vn

dev.keytocheck.com

www.klop-nanny.com

korlab.team

kwikbundle.com

leastcountrush.com

eafcmax.litassy.com

www.lixio.app

chapaquentemadragoa.lupi.delivery

masterfullauto.com

miapppro.com

link.moxom-ye.com

murarilalpatel.charity

www.nabtacare.online

connect.narayann.dev

nasaroyale.shop

system.monti.net.ar

www.nid-de-poule.fr

oldtownspirits.com.au

www.onnutpethospital.com

ornamentdash.com

pawegio.com

phoenixsteel.lk

www.pignusarg.com

pronahub.store

qpicada.com

quarate.com

page.r360.com.br

www.renmind.com

renterbooks.com

start.rivuu.com

robotpak.com

cse-idp.sdsforg.com

sidekick-stage-eu.care-portal.sidekickhealth.com

apps.sidnft.com

app.sidsfarm.com

veolia-app.speakylink.com veolia.speakylink.com

bfit.sphure.app

splitwithbailey.app

www.squishycow.com

templereveal.sqwadhq.com

starlightsaga.com

stage.summercampslasher.com

appk1truck-test.npe.telepass.com

theater-haarlem.nl

thegmstudio.com

messenger.tradewix.com

www.trucksentry.ai

truequantai.com

ubytovaniepikolo.sk

valion.dev

veridecs.com www.veridecs.com

vireolabs.ai

vishalsikka.com

blocksbash.vitersoft.com

www.weasense.co.za

admin.whaco.app

app.whas.dev

www.zalwora.com

ziggy-road.com