Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=bitfab.shop
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
November 25, 2025
Valid Until
February 24, 2026
89 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
E5:1F:12:9F:B9:50:7C:55:37:8B:D8:3A:2C:46:67:69:1E:B8:CA:0D:7A:B0:1F:71:C4:85:53:A4:FA:D0:D5:5B
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
www.planarace.com
beta.505tango.com
8thnote.cc
aislarcasa.es
crossword.albertusvdw.co.za
amielectro.com
www.apicompass.com
audiomem.com
awoodsmedia.com
www.ayapeacock.me
www.billyskedd.com
dyna.bistrochat.com
bitfab.shop
bodapalomayricardo.com
v4.brianschwabauer.com
video.bugose.com
cahusa.com
camarsooq.com
www.caragy.net
castlerockcomedy.com
dash.cibelelima.com
app.clevertrack.dk
cloud9ep.com
3dapp.cogniteapp.com
www.sonictrading.com.tr
yunlin.onestudy-uat.oneclass.com.tw
rastrear-guias-dev.coordinadora.com
cpdclasses.com
www.creditoffset.fr
heros.curioswitch.org
pagelink.daily-tohoku.news
nucleus.datapredict.online
batch-fwk-s.dev-ltl-xpo.com
www.diallink.in
cms.dieringe.com
discoverymexico.com
drmsharma.com
drumsdb.com
admon.tpv.eficiente.co
engage.evolutionit.com.br
stats.ezturns.com
fariselrayes.com
espace-accedant.flandreopalehabitat.fr
flexpdf.com
www.frerichs.fr
www.gantherwedsparker.com
getdealsheet.com
www.giiim.com
www.glimbaro.com
goblinjam.com
www.guiloop.com
gunjankadu.com
www.imagemeasurement.online
imleccomp.com
www.itxd.net
jcbbicho.com
www.jorden-cw.com
kaatsh.com
kiwikode.com
www.lasciaunabozza.it
www.liveeasy.io
app.lnrshippingexperts.com
loversinthesky.com
matsuhisajapan.com
mockupbro.com
multiple.exchange
newenergyholding.com
nextbillion.id
www.nicksoler.com
auth.ocelotcommunity.com
composite.panicked.xyz
driver.parcelquest.co.za
phamhien.phamkhac.com
link.phongvu.vn
radheyimpex.com
rahulgputcha.com
runeinnovations.com
www.s3tint.com
s.samat.me
www.sandyrose.com
sertacfarsak.shop
app.shipmetroexpress.com
stage.simplinsur.app
sketchthat.com
smartenforcementsystem.com
pwa.sparkleit.ch
www.stevenwatson.ca
stiebri.lv
www.superlegit.fm
tayargarzon.com
tentronixnz.com
tetrazpe.com
www.the-matrix.ai
theapphaus.co.uk
veriables.com
pacientes.vivadoctor.com.br
app.walletguide.com
www.woobie.ai
www.woodify.app
event.dev.yoop.app
Other domains in certificate