Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=brp-solutions.com
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
October 13, 2025
Valid Until
January 12, 2026
48 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
8D:80:99:F0:17:A2:13:E7:5A:48:D8:DB:46:4E:16:6A:53:2C:66:2F:C9:66:8B:BE:55:D8:E5:0B:03:03:22:88
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
invlog.com
restaurantsearch.abrahamzakharov.com
sarahschwieterman.aghedgedesk.com
onligrow.agrisell.in
anakeesta.app.alpinemedia.com
asoundthatneverwas.net
associated-studies.com
websummit.atmocube.app
www.auratels.com
kantcopy.ayoubsbai.com
app.beautysquid.com
app.bharatagri.co
account.biqpod.com
bizcontroller.it
mesero.bom-ec.com
app.bookgiveaway.com
staging.navigator.bowhead.ai
share.brewfather.app
brp-solutions.com
aki.buenatelier.com
doctor.qease.co.in
cocoon.beauty
app-g.consumerly.ai
deeplearn-summerschool.in
gc02.dekalouis.com
devisedigital.co.uk
dev-customer.dishes-app.com
www.effectivly.com
tpenso.egg.srl
link.evbeep.com
evehealth.app
excelskillsacademy.in
link.fastcashapp.com
fastriver.dev
fernando-valle.com
www.fusionzone-ict.com
genxfantasy.com
ggsneakerssale.com
gorillasport.de
ks.heychao.com
compass.kairos-advisory.com
kashplo.com
laceai.run
topics.michaelbarr.dev
app.minipad.co
monkeydog.uk
mm.nanosoft.co.za
naritech.dev
nexthome4u.com
nileshp.dev
noahcad.com
nunezantiguedadesvende.com
nutrisek.com
gh.okinari.com
api.openperplex.com
fantasy.rugby.orwig.app
rdliberdadefm.pampa.com.br
pfoffers.com
auth.piclar.com
stripe.pixelcalificado.com
www.plya.io
purpleknightcamps.com
pwr-go.com
pass.qyon.com.br
radixmarketing.in
ecc.rapidassist.co
revive-web.site
www.rkptravels.com
www.samolink.com
tv.scl88.live
servethe.church
settavers.com
app.emr.shipzzer.com
privacy.shopylist.app
www.stefanoocchetti.com
team.suliez.com
www.swissmarine.dk
taktplanner.xyz
www.tdsplc.com
www.theconsequencesgame.com
thegreymouse.com
thepourlive.com
auth.toss-online.com
links.chargingservices-preprod.totalenergies.sg
townofpelion.com
trainchess.ru
www.truckhh.com
pwa-lagunabeach.trueomni.com
ukiku.app
js-demo.video.io
vivosel.com
www.vnmconsular.com
vrajinteriors.in
lq.webgurus.eu
eleccions21d.websays.com
wokaim.com
www.zachary-sturman.com
zedbrains.com
landing.zipperz.ru
admin.zsebtanar.hu
Other domains in certificate