SSL Certificate Analysis for www.oathcraft.live - Security Grade & TLS Configuration

Open Cached · just now

92/100 SECURITY SCORE

Certificate Information

Subject

CN=genome.beta.loophealth.com

Issuer

C=US, O=Google Trust Services, CN=WR3

Valid From

December 07, 2025

Valid Until

March 07, 2026 83 days

Public Key

RSA 2048 bit Adequate

Signature Algorithm

SHA256-RSA

SHA-256 Fingerprint

1A:B5:76:91:1C:98:66:1B:82:65:55:55:0D:B4:31:0C:B6:B3:EC:98:7F:78:6C:D6:99:61:6E:01:53:51:70:9C

Alternative Names

100 domains

Security Configuration

TLS Protocols

TLS 1.2 TLS 1.3

Forward Secrecy

Supported (Modern clients use PFS)

HTTP Security Headers

Status

Strict-Transport-Security

Present

max-age=31556926

Content-Security-Policy

Good

default-src; script-src; script-src-elem; +7 more

X-Frame-Options

Excellent

DENY

X-Content-Type-Options

Good

nosniff

Referrer-Policy

Good

strict-origin-when-cross-origin

Permissions-Policy

Present

geolocation=(), microphone=(), camera=()

Recommendations

• Increase HSTS max-age to at least 1 year and add includeSubDomains
• Strengthen CSP by removing 'unsafe-eval'

CAA Records (Certificate Authority Authorization)

CAA Records

Not Configured (Any CA can issue certificates)

CAA Issues

• No CAA records configured - any CA can issue certificates

Recommendations

• Implement CAA records to restrict which CAs can issue certificates for your domain
• This adds an extra layer of security against unauthorized certificate issuance
• Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
• Consider adding 'iodef' record to receive security incident reports

Subject Alternative Names

100 domains

www.oathcraft.live

Other domains in certificate

4fetch.com

abvy.io

preprod.monitor.ag-kiosk.ovh

aimo-sys.com

savorsync.appwaretechnology.com

azizelanbouri.com

www.bangke.vn

barxad.fi

app.bepassbrasil.com.br

pizza.biz.id www.pizza.biz.id

cauha.net

christmasgreeting.se

kraftboba.co.ke www.kraftboba.co.ke

downloader.spacetalk.co.kr www.ipuzzle.co.kr

codetwice.ro

tou.valu.com.eg

peisa.com.py

compraren.com.ar

coquins-game.com

www.datestress.nl

markmywords.criscorrea.dev.br

cloudifice.eyouel-kibret.dev.et

divicom.dev.portalcliente.divitech.com.br

www.dmmgroup.id

dover.consulting

link.dribblepickup.com

paardenrace.ebriusvespertina.nl

www.eduardaporto.com.br

dashboard.fatec.educagame.com.br

app.emgcompliance.com

app.finlayer.io

www.forteengenhariasolar.com.br

www.fruitescaimari.com

www.fusspflege-eliane.de

openhouse.transmigrasi.go.id

hanzhi.xyz

fitness.havenga.ie

relocationtoolkit.helptorelocate.com

test.hemily.se

www.hi-techsolargeysers.co.za

hillybean.com

icontact.kr

immiflow.us

p2phone.imobsoft.com

sonthedev.io.vn

qkaart.jazzpesulad.ee

www.jjthaispa.com

www.keuning-software.nl

lab4ai.my

www.lacnog.net

www.leafarise.com

lennyfaces.top

freccette.liffi.ch

llmtxtbuilder.com

genome.beta.loophealth.com

mikolajki-komu-prezent.pl

s.moovup.com

eu-app.murallink.com

padil.my.id www.abdurrachman.my.id

eat.mypoke.ru

www.nago.pro

shop.net.ne.kr

unisex.newemperium.com

www.newzgator.co

numina.fit www.numina.fit

odamdan.com

hawthornecoc.ojeelabs.com

lists.passoka.com

pengkai-hsu.com

pinceval.com

lutheran.plusscommunities.com

praxwallet.com

princetonwrestling.com

promptish.io

psicologojorgepina.cl

qultah.com

www.rorymm.com

www.sandeep-yadav.com

sansclouds.com

schultzsteven.com

www.sergiopaccosi.it

shahid.codes

www.srdanstanic.com

starttakingaction.com

www.stepstopodium.pt

talktable.pl

tarikvaljevac.com

teamsamsara.com www.teamsamsara.com

takip.teknokalipmakina.com

scoob.teo.xyz

thefarmstandcookbook.org

vvtop.ru

yesilovagunesanaokulu.com