Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=www.one-chat.app
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
January 21, 2026
Valid Until
April 21, 2026
82 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
F5:85:84:2B:92:7D:44:B0:F9:91:A5:2C:B7:58:85:56:6F:AF:8C:48:32:B6:F3:90:ED:AF:8B:50:C0:10:4A:38
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
jornpipop.com
www.3db.dev
objeditor.3rbehavioralsolutions.com
www.aarondetrick.com
dpm.nurulfikri.ac.id
aimdigitech.com
www.ambient.alaphd.com
alcodio.com
aldridge-gives.aldridge.app
bead16.alignitgames.com
alpinecrew.al
alvish.in
angeltech.com
bradcarson.ca
staging.app.brickwise.at
app.calven-tech.app
lalocanda.clau.io
clearstore.clearobject.com
www.clonebrews.com
control-staging.cmorider.com
cubanitosmifavorito.com
fsdk.customfit.ai
www.dsrlglobal.com
aqua.dukatrack.com
dumpster.app
e-servant.com
eduardorp.com
edumancer.com
startupgrind.eharis.com
links.equipocabo.com
fokaweather.com
fox-club.by
za.uat.gaapunity.app
test.getshoutout.com
dlk.girls2-fc.jp
dev.globalzoning.com
greensmarketingsolutions.com
guitarlessonsnewcastle.com
highefficiencyhousellc.com
hikicklowkick.com
exam.ibisacademy.in
manage.ibisacademy.in
inparallel.app
isayur.ipiring.com
jonathanraspiengeas.com
keuxe.com
www.king-coffee.com
kintry.com
www.kirstenschowalter.com
lafroats.ca
eu.my.linkcard.app
app.maxprofitness.com
nebular.methvin.dev
mfplastik.com
moaibeats.com
moonpyx.com
mosquiteros-toldos-quito.com
qa.mymedstore.in
ai.ojas-labs.com
share.okki.app
www.one-chat.app
admin.origamiwash.com
www.petler.app
pianolessonssouthampton.com
pierrelamusse.com
plushtoi.com
presenzo.com
www.promotorfreelance.com
quickstarts.net
reefte.ch
b2b.relobase.com
auth.revisionme.com
vizion.salesvizion.com
otp-generator.santoska.cz
www.seigospace.com
selfpay.care
sellmyhouse.co.nz
www.sgj-gems.com
www.simonesesana.com
smilecat.dev
sunshineandsweets.com
sunwaydental.ca
nimble.talhahpatelia.com
innovemind.taximet.com
s.teller.jp
www.treelog.io
triodesk.in
tuneprefs.com
www.turdsicle.com
www.undarkpixel.com
admin.uricall-dev.com
easygo-core.viteusa.com
chat.vklidu.ai
app.voya.live
bdbe-table.waiterpro.com
webtech-systems.com
whatstarget.com
workandtimemanager.com
zero.ai
zonaextrema.com.br
Other domains in certificate