Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=brightuplabs.uk
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
December 22, 2025
Valid Until
March 22, 2026
87 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
21:7B:0C:30:13:56:73:84:57:48:93:8E:1D:0C:33:47:E5:1E:32:D4:AD:B7:54:33:2D:E0:18:12:A9:6A:B7:08
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
cms.gobackstage.co
workout.acceller.com.br
actrainer.co.uk
www.actrainer.co.uk
lada-app.alexneto.dev
www.ali-hnos.com.ar
appidev.ch
tanda.aquariusit.com
autonomous.ro
www.berlinjohnson.com
website.bluevoidprojects.com
www.bodegassantiagocentro.cl
urnb.breadstand.us
brianlowther.dev
brightuplabs.uk
www.climate.id
codepush.dev
codewired.me
colosseum.how
pay.e-pay.com.my
cnorder.zore.com.tr
radlaunchapp-ui.dedicateddevelopers.us
dementia-risk.diascreative.net
links.divebox.app
www.drandresantospvh.com.br
www.easystaysyelagiri.in
ghosttide.eventup.ro
fgasesoresdeempresas.com.ar
www.fitumiventures.com
access.stage.forge.gg
gdgpescara.it
golfbandy.com
helenaicafe.xyz
hofer-weinmesse.de
huddlein.co
ca.idempotence.io
www.ifcastaneda.cl
www.indiahippie.com
www.infinitybullet.com
ingenieriamfp.es
link.investo2o.com
pronto.its-not.tv
app.iwanna.camp
link.jadopteali.com
www.jethro.link
jfvh.nl
www.kadardan.com
www.kamperfarmfresh.com
app.ke-journal.de
knightmare.rip
kondogiken-club.com
lmywilks.ca
www.mattjan.com
covidguide.mayamd.ai
mcwatts.tech
memorii.jp
mikes.co
www.minglwu.com
bienvenido.mymoons.co
www.neatit.com
nitheeshm.dev
app.ollayr.com
mapa.temaiken.org.ar
oryx.xyz
dev.members.owl-ina.com
parmarthpublication.com
psclient11209.philanthrosphere.com
google.piyush.org
primeventuresalliance.com
go.quotza.com
app.rafflu.com
app.reclutachat.com
santamaria.rflex.io
www.roggy.dev
runbike-live.racing
sugitec.s-cloud.app
dl.selectionsgroceries.my
shivalicious.com
api.slapnpay.com
slash7.pro
www.smoothtravelling.com
docs-qa.softwiztech.com
www.spanapp.io
kclequesnoy.sphure.app
essex.studentphotographer.co.uk
swappit.com
lights.tangochicken.net
tenzinnorden.com
thesimple.club
tintaspremiun.com.br
dealers.tripleai.co
tusinvitaciones.com.mx
upee.mx
www.visualgoods.com
firebase.vitech-dev-ua.net
gui.vitibot.xyz
www.ticket.web3intravel.com
whosreffing.com
wonasa.com
www.wordbrix.app
Other domains in certificate