Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=actsofthechurch.org
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
October 08, 2025
Valid Until
January 06, 2026
38 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
56:3C:CC:EE:51:1B:12:9E:10:9B:F8:6D:C4:52:AC:22:C5:AD:26:4D:AE:13:25:5D:92:E1:DA:1F:9E:ED:43:5A
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
axyojp-test-ads-simple-web.com
acegrinding.net
actsofthechurch.org
akashrai.me
m.albago.kr
cao-lvnl.appdashboard.nl
asbestossurveysbristol.com
dev.bridgechasm.com
bvarg.com.ar
carbex.earth
chessclub.ch
authentication.class101.net
www.collievalley.com
people.moderngroup.com.my
refood.com.ua
compost-collective.com
forms.creatinium.com
claims-5.dev-ltl-xpo.com
temnadoba.dudacek.eu
exhibitor.e-igjs.com
www.ecowetcare.com
event.lu
app.extendedfamilyhelp.org
ganamas.famimas.com.co
randevu.firesoftyazilim.com
yazboz.firesoftyazilim.com
www.foroturismosexual.com
www.gsiexpressinc.net
fleak-auth.herber.space
www.hhl-tec.com
www.hotcharge.in
link.hs2t.com
hytechsolutions.info
iearn.info
indelearn.com
www.invodigger.com
watch.itrood.com
todo.jassy.in
letsdraw.jideguru.dev
www.jon.nyc
kamar.blog
www.kangmingshop.com
www.karimomar.de
hourglass.kettlebell.dev
www.klickspiel.net
www.klincoin.org
owner.klubbappen.se
eu.lenstec.com
liepsna.com
www.loungemade.com
url.lovegelu.com
lowkeyhospitality.nyc
lvsb.mx
www.majasfancy.com
www.meister-maler.ch
www.meraki-apps.com
www.mesh-innovation.com
meutim.com
6zsfhrwlwms.milivesystem.jp
tsg-demo.minmeeting.com
columbus.moovaz.com
addin.my.id
sunandsnow-stage.mysmarthotel.com
links.netfocusuniversal.com
www.nolanga.org
ogenerator.xyz
ofsc20182019.ondagoapp.com
openperplex.com
portal.zofim.org.il
app.outfitformulas.com
www.pavfasady.cz
payrows.com
www.picloudconsulting.com
www.pokepicker.com
app.postmaker.io
www.pwa2apk.com
www.remotemore.com
salmanappliances.com
firebase.scaalar.com
www.scryptique.me
seanmabli.com
setmyspace.com
skuldpaus.se
iam.storeroom-solutions.com
www.sufera.com
www.syrerys.com
www.task21.com
www.theguitarologist.com
www.titantrack.com
www.tsr-trenchless.com
william.uappe.com
www.vaxyvax.com
vcf-file-merger.com
steps.visusrad.it
mobile.volumental.dev
wasd-inc.com
r.withkoa.com
www.wlogistics.biz
inf.dev.xflydragon.cc
yudachiku.com
Other domains in certificate