Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=www.bristolpentecostalchurchuk.org
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
February 03, 2026
Valid Until
May 04, 2026
88 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
59:46:15:67:9C:00:8D:8D:E1:97:58:7D:F3:43:1B:26:30:E8:1C:66:6A:36:EE:90:73:B1:48:7D:86:D3:22:E1
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
app.ashewz.com
abcd.rest
chelstarwm-portal.hermes.aimgt.info
sync.littlesis.amplifiedlabs.xyz
platformdev.atoms.cloud
www.bk-quiz.de
link.bling.de
www.brickwise.eu
www.bristolpentecostalchurchuk.org
app.caddygo.ru
inventaire-outils.cafedemarie.fr
manage-dev.captego.com
4049.clian.net
admin.euromedicare.co.in
obsgroup.co.in
www.codegenius.co.za
codehow.ai
coffeezinho.com.br
computecompass.com
connect-sport.fr
copycat.work
iroiro.d-attend.com
darkmode.ph
www.delga.tech
despertardohomem.com
devyanshagrawal.com
test.didousoft.net
smart.dkprelearn.in
collections.dpd.co.uk
d1-track.dpdlocal.co.uk
www.mmis.edu.ph
web3.eosde.net
hakka.far.st
www.figueroaconstruccion.com
www.fugisawa.com.br
fundamental.bio
www.geccele.tech
www.geobarta.com
stripe.giovanniliboni.it
www.glowpanda.life
go.hiddenharvest.ca
inceptumsolutions.co.za
www.industrialelastomers.net
www.indx.capital
login.ingegneriabernasconi.it
ace.jardibric.com
links-at.kaufland.net
www.keulen.it
ward041.kriyatma.com
ward059.kriyatma.com
kskoro.be
www.kuusamoairport.fi
www.lappka.pl
service.dev.learn-app.io
www.maxga.me
medici.art
www.medici.art
www.meowcats.world
academic.mixidea.org
biberbao.mwinkler.tech
www.natashamitchko.com
neuralcatalog.com
nilsthenorway.com
www.ottovandepol.nl
penny.technology
mint2.pixelsaurus.io
potput.com
www.kz-beta.pp.ua
www.prakash.vip
app.propertygambit.co.uk
maersk.proseeq.com
hr.rauer.eu
www.ressoante.com.br
www.sadecerf.com
hiroyuki.sano.ninja
seeimpacts.dev
www.shadowsoft.uk
entry.siciliamia.com
tt.snapmentor.no
www.soundslides.org
www.spiralspd.co.uk
links.stayopn.net
www.stjohnsia.org
www.studio30th.com
app-dev.syzl.io
www.thesoulfulsuitcase.com
thetutorlancer.com
intentdemo.threados.io
www.time2yak.com
tusted.com
web.ukuvota.xyz
unveilrai.com
nh1816.valuechecker.ai
www.vermaercke.be
www.verzekerdezaak.nu
volksleads.com.br
verifymail.dev.woopen.com
www.yashjain.xyz
zhuirang.buzz
www.ztoais.com
Other domains in certificate