Open
Cached
·
just now
76/100
SECURITY SCORE
Detected Technologies
Certificate Information
Subject
CN=whollyholy.com
Issuer
C=US, O=Let's Encrypt, CN=R12
Valid From
April 27, 2026
Valid Until
July 26, 2026
31 days
Public Key
RSA
4096 bit
Strong
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
8D:08:DB:E6:50:F2:4B:57:8F:0D:B4:A1:AA:A7:DC:81:9B:DE:75:52:22:72:54:B4:B4:E2:08:CB:F6:FB:A0:C7
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Add Strict-Transport-Security header with max-age of at least 1 year
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
90 domains
donore.it
*.donore.it
*.admin.donore.it
*.bi.donore.it
*.dashboards.donore.it
*.questioni.donore.it
*.reporting.donore.it
*.visualize.donore.it
*.3g.kochbar.at
*.6tmxf37ijjeff9aa7rjk3931y.kochbar.at
*.7bf5193d-f2eb-4ccb-a743-90b4d4b9677c.kochbar.at
*.abnahme.kochbar.at
*.admin.kochbar.at
*.ais.kochbar.at
*.amp.kochbar.at
*.apps.kochbar.at
*.autoimg.kochbar.at
*.b87da168-7e8b-489d-81d9-a9b48c4ddb2a.kochbar.at
*.blog.kochbar.at
*.crm.kochbar.at
*.damoh.kochbar.at
*.dev.kochbar.at
*.docs.kochbar.at
*.emv1.kochbar.at
*.en.kochbar.at
*.external.kochbar.at
*.forum.kochbar.at
*.ftp.kochbar.at
*.gourmet-magazin.kochbar.at
*.home.kochbar.at
*.info.kochbar.at
*.ios.kochbar.at
*.ipv6.kochbar.at
*.jsoqenbr.kochbar.at
kochbar.at
*.kochbar.at
*.kochkarussell.kochbar.at
*.kochshop.kochbar.at
*.m.kochbar.at
*.mail.kochbar.at
*.mobile.kochbar.at
*.mx2.kochbar.at
*.my.kochbar.at
*.notexistsgourmet-magazin.kochbar.at
*.notexistskochkarussell.kochbar.at
*.ns.kochbar.at
*.oxrcttsqgmvpn.kochbar.at
*.public.kochbar.at
*.remote.kochbar.at
*.roduktvorschlaege.kochbar.at
*.s1.kochbar.at
*.server.kochbar.at
*.service.kochbar.at
*.share.kochbar.at
*.sharepoint.kochbar.at
*.stage.kochbar.at
*.u003ewww.kochbar.at
*.vpn.kochbar.at
*.ww25.kochbar.at
*.ww6.kochbar.at
*.zygupu003ewww.kochbar.at
mybenefithub.co.uk
*.mybenefithub.co.uk
*.portal.mybenefithub.co.uk
*.gj.nnb.net
nnb.net
*.nnb.net
*.ai.phillycigarco.com
*.bi.phillycigarco.com
*.mail.phillycigarco.com
phillycigarco.com
*.phillycigarco.com
*.staging.phillycigarco.com
*.test.phillycigarco.com
*.visualizations.phillycigarco.com
*.ww38.phillycigarco.com
*.ww7.phillycigarco.com
*.dev.tama.life
*.kie.tama.life
tama.life
*.tama.life
*.319aae0f-9f13-4dcd-baa5-be405d0e3fa1.wazemarche.info
*.production.wazemarche.info
wazemarche.info
*.wazemarche.info
*.ww25.wazemarche.info
*.www.wazemarche.info
whollyholy.com
*.whollyholy.com
*.ww25.whollyholy.com
Other domains in certificate