If you browse to biji.co/ads.txt manually via Chrome/Edge it works. In Firefox though it fails:
Websites prove their identity via certificates. Firefox does not trust this site because it uses a certificate that is not valid for
biji.co
. The certificate is only valid forwww.biji.co
.Error code: SSL_ERROR_BAD_CERT_DOMAIN
Unable to communicate securely with peer: requested domain name does not match the server’s certificate.
HTTP Strict Transport Security: false
HTTP Public Key Pinning: false
When checking its headers through online header checkers they get errors too confirming the webpage is supposed to be inaccessible.
http://www.rexswain.com/cgi-bin/httpview.pl
https://network-tools.com/http-headers/
So how come Chrome/Edge don't alert about it and just accept this broken certificate?