Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=gcbrokers.co.za
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
November 19, 2025
Valid Until
February 17, 2026
72 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
91:8C:51:C6:13:25:7F:16:C0:16:54:20:1C:F8:C1:F4:72:BA:1D:E1:90:4D:82:9C:A4:DE:62:5F:F8:E3:EA:22
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
grid-guide.com
www.1xrun.limited
25costures.cat
angelorenovates.be
appaspecoar.com
asocradio.com
stockhub.bahayarugainc.org
www.bereliable.in
bombaybrewco.com
bombaybrewcompany.com
carlospetry.com.br
centrurecreational.ro
cerrolargo.com.mx
us.clearquote.io
us1.clearquote.io
myvac.com.my
qa.app.criisp.io
bowlofheaven-orders.crispnow.com
ddocksolutions.in
devworld.it
dewdwell.com
dlit-consulting.eu
ostermed.drtis.com.br
www.duckfart.org
eliteendocrinology.com
emindinler.xyz
dev.euleris.ai
eyebreak.app
www.eyebreak.app
feelindia.com
www.feelindia.com
foot-steps-histo.com
friendoza.com
futuretrashcan.com
gaia-next-gaia.com
gandharsales.com
www.gandharsales.com
gcbrokers.co.za
www.gh-bautraeger.com
goboxmailboxes.com
gokidsy.com
www.gokidsy.com
ooty.gosmartdroptaxi.com
thanjavur.gosmartdroptaxi.com
tirupati.gosmartdroptaxi.com
groupwithai.com
www.hourapp.co
app.jdiasconsultoria.imb.br
www.isoms.co.za
www.jadephoenixwoodworks.com
formue-docs.knowledgebase.no
www.kwhour.in
makeusa.us
map-conductor.com
gotloan.mazidul.com
merkurial-studio.com
simulador.meurefugioconsultoria.com
mindsonfld.com
www.mindsonfld.com
mirai-ltd.com
modalaideas.com
register.qaf.morhafshamia.xyz
bestellen.muelheim-panpizza.de
mukesh.tech
zagreus.naptimern.com
narcodic.com
www.neips.in
opanbaux.com
orelkabetz.com
ozveny.eu
paisamonitor.in
proweld-solutions.com
xdc.pytz.dev
qwerzy.org
radheyvisaconsultancy.com
admin.rapid-ood.de
resume.works
riistapolku.fi
www.rivonidhi.in
room-20.com
www.roymelzer.nl
serdika003.org
serviceplease.app
shreedarshantravels.com
login.skudata.ai
smartagency.cloud
hourbase.stefansukara.com
www.taniepodroze.com
www.tgr-gov.me
thesoulfulsuitcase.com
thunder.ar
towerlabs.com.br
transervitravel.com
demo.tryonce.com
urbangreens.store
administracion.urvanis.com
www.viswanathenterprises.com
admin.xtremefrost.com
rezuma.zechra.org
zenly.life
Other domains in certificate