Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=theholybible.io
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
November 09, 2025
Valid Until
February 07, 2026
64 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
1E:07:D1:0E:17:15:31:59:F8:92:C0:EE:B5:59:1E:A8:8C:26:E3:E5:2B:FF:D6:97:C4:FB:56:17:BE:A4:B0:83
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
whiteland-projects.in
arcticagents.io
arda.social
preview.arzneiundhaut.de
www.becomeanestateplanner.co.uk
hubapp.bounce.bike
casalero.it
status.funxon.co.in
links.karunshrestha.com.np
samjhanapokharel.com.np
www.paudelnabin.com.np
dilkinediniz.com.br
www.dishank.dev
www.droptaxei.com
elvenrun.xyz
survey.eraser.moe
bolsa.etraderex.com
feelsingapore.com
ares.filokar.com
fragoas.com.br
frietjesthuis.be
www.gaondekho.com
www.godwinjibs.dev
growpecomm.com
hillmetalcorporation.com
linhnthust.id.vn
generic.imperialacre.com
app-ester.investous.com
jiocinemaapk.website
joinmeet.me
kerjadigital.id
koshobai.com
www.learnersrider.com
ligdi.xyz
lighthole.lk
www.liikkuvarenkaidenvaihto.fi
tatianagourmet2.lupi.delivery
matanyechiel.com
mikemiwha.love
signs.mwaalabs.com
mycitysolutions.mx
mykivoo.com
crown.mytrace.com
nalamzap.dev
www.napolipizzasqhill.com
mentor-pre-dev.neccton.com
auth.new-verse.link
www.about.nkester.com
discord.nova-hotels.com
auth.pagespeedify.com
pawiki.net
links.peeknest.com
pickupcabs.com
verify.auth.dev.pixipass.com
office-dev.pokerboss.dev
priceofglorygame.com
problembolo.in
pitang.prompt-pitang.com
wedding.psangwoo.com
chat.qualia.com
test.quest-bc.com
rapinnohealthcare.com
readmefy.me
www.remittance-service.com
remspconsite.net
rezaplus.com
quicksign.safetyinminutes.ca
scientistsout.it
www.scientistsout.it
x.shocode.com
www.harveys-group.shotextract.com
portal.stagenillio.com
devadmin-plot.stayflock.com
stedamaps.com
stokedfoodtrucks.com
stridesoverstigma.com
sukabo.com
surendrabhati.in
svscontrols.com
www.tackleboot.com
techsoutien.com
magic.vixi-staging.thefamousgroup.com
thefazbearfuntimeservice.com
theholybible.io
theinfinitybottle.com
staging.themomentcondo.com
therebbesohel.com
theyoungshakespeare.com
tpscalculator.com
app.tratixs.com
ultibracket.com
app-ryc.uniboi.co
app.vailo.ai
velloredroptaxi.in
vevisolutions.com
vnpglobal.com
waayout.com
market.watchmoney.ca
wsn.ae
zeitstilla.com
Other domains in certificate