Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=bradleyfolkers.com
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
December 04, 2025
Valid Until
March 05, 2026
86 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
EF:54:E3:A1:48:8C:6B:D7:C2:B9:AC:19:3D:99:32:AE:AA:36:6E:67:CF:F8:03:3E:30:95:8B:83:2C:4F:15:FF
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
compagnie-ezo.com
api-qa.3a2ilati.com
api.3a2ilati.com
3jadventuretours.in
link.3uplay.com
www.agrolinkgh.com
www.alobaid.co
am-iv.com
events.ancientcityprivateers.org
www.apollonea.cz
meter-exchange-appointment-booking.atco.com
fox.avenueci.com
mcq.avyukta.xyz
worldpriority.bayubuanatravel.com
bbamsch.com
www.bergerj.com
birrierialanderos.com
boukili.ca
boxalino.com
bradleyfolkers.com
campanasparaiglesia.com
charlesbakermemorial.com
interactive-screen.clay10.co.uk
wms1.co.il
www.cvisionlab.ai
hero-routes-regemat3d.devbeebit.com
devdebut.com
app.dorix.ai
edokan.ma
my.employeelinkapp.com
connect.staging.evertransit.com
fanfavvending.com
tc.client.dev.fareclock.com
mindtick.flinders.edu.au
fluzze.com
demo1.flytag.com
survey.getluup.com
www.ghostofthescorpion.com
giliislanddivingcenter.com
dev.go-games.gg
mindtick-app.goact.com.au
www.goreggy.com
haus-tratter.it
www.hikers.social
ieltsnavigator.com
corporate.karriereheld.team
kawcode.com
www.kbaaz.com
kissaki.es
konstantne.com
www.livekvitto.se
www.martin-pesch.com
menencia.com
montythecat.com
mxkv.ru
merchant.myrtlebeachpassport.com
locnt.name.vn
natetaylor.dev
provider.neuromodec.org
www.octal.com.co
dashboard.odoostack.dev
electron.openteam.space
auth.paysquad.co
www.peixinlee.com
linksqa.platenger.com
printslon.com
designer.produvar.com
app.psychictxt.com
blog.pwnlogs.dev
qatheory.com
raimundomonteiro.com
www.rekwest.app
resaki.de
au2.office.resbutler.com
www.nenaaruna.rotaractmora.org
rune-stone.com
sandylandscapin.com
sciencedigitshub.org
eu.scrollu.com
sevenky.com
shareplay.dev
handandfoot.shearers.us
www.sinanbolel.com
cart.sov.kr
stanleyfam.com
atacado.surflycrew.com.br
www.technomore.ae
sandbox.theverse.stream
firebase.tinxy.in
www.trumpalyse.com
stage.dhp.quiz.thrive.uk.com
mojo.una.events
www.villasaltavista.com
www.whimvent.com
admin.xflydragon.cc
app.xflydragon.cc
yokoy.at
yozo.co.jp
app.zendero.co
www.zist.be
Other domains in certificate