Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=chataize.com
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
December 24, 2025
Valid Until
March 24, 2026
66 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
15:B0:7D:3F:6E:1C:1C:BC:1E:2B:1E:2F:59:B3:8A:AF:37:D5:88:CB:8F:8B:79:EA:3D:40:DC:BA:4D:14:C0:2E
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
sunexplorer.org
5binvestments.in
appstitch.dev
qr.atakanyigit.com
app.rel.connect.awr.org
kinti.b-raychev.com
bellatrufa.com.br
fitbit.biotasense.dev
blomma.dev
www.cablelocator.net
www.photography.caldera.is
bonverwin-loyalty-web.cbdata.cz
chandasimfukwe.com
chataize.com
chipplays.com
chispaslab.com
www.colinj.dev
t4tech.com.np
cosminlacatus.live
crackingandstacking.com
crapinspirationalquotes.com
landing-test.culturalyst.com
crm.curral.london
datacadence.org
scadenze-alimentari.davidecampello.app
decarb-adapt.com
sandbox.devridezum.com
admin.feature2.digiqc.com
www.waitrosedev.enezatelecom.com
dash.englishcomcami.com
www.estaragroup.com
fencewithfriends.com
flashcare.in
ph.flutterflow.io
offers.getsway.com
www.gmailbox.app
grapidly.com
app.dev.greenr.com
www.hardspace.xyz
ids.htbx.gr
bethpage.impactwrap.com
www.innovasana.com
www.instashop.bio
ar.joikid.com
joshtalks.org
joyhouse.us
www.justapplication.com
www.plateforme.karmasante.com
www.klo-apps.com
www.koworker.io
theweekend.demos.linkmalloc.com
app.loveofthefight.com
dicey.maclure.info
admin.marketmyindia.com
mnpl-app.mat2.net
maucatofficial.com
medicaresoutheast.com
cfunhotel.menuaddis.com
meupar.com.br
staging.mlaw.ai
muhamedbrifkani.com
neonexiss.com
s.neuromagic.com
url.nhakhoaparkway.com
www.nocturno-creative.com
nomorebindays.co.uk
app.novaterim.com
ottawa.profit.orderprinting.com
overengineered.ai
pointcheck.gg
ponytycoon.nl
printshootrepeat.com
pm.procedura.nl
www.quicksando.com
www.recuropharma.com
user.ricaun.com
www.roarvc.com
pincraft.saulnunez.com
huddersfield.scouthub.app
www.simpexo.com
staff.dev13.skool.sg
www.splitbear.net
www.sumnerdata.com
internal.sunstarintl.com
swiftfixservicesltd.com
join.teamlinkt.com
thebitcoinhole.com
tigerroberts.org
www.toroidsart.com
crossfiteria.turnosweb.app
www.tvgmm.com
unicube.design
utkalalumni.in
send-dev.vflat.com
krest.vidocto.com
virtual-arts.co.jp
app.visioncontrols.com.br
marketing3.wishup.co
app-dev.xitester.com
www.zagenzagen.be
Other domains in certificate