DNS Gurus
Cached · just now
80/100 SECURITY SCORE

Certificate Information

Subject
CN=tm.brokertg.com
Issuer
C=US, O=Let's Encrypt, CN=R13
Valid From
December 05, 2025
Valid Until
March 05, 2026 52 days
Public Key
RSA 2048 bit Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
06:6A:8F:5F:18:EE:11:E6:3D:55:16:9C:7B:F9:6A:BF:AE:C5:61:D9:39:D8:3E:8F:AA:8A:22:71:55:A6:7F:0C
Alternative Names
100 domains

Security Configuration

TLS Protocols
TLS 1.2 TLS 1.3
Forward Secrecy
Supported (Modern clients use PFS)

HTTP Security Headers

Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
  • Increase HSTS max-age to at least 1 year and add includeSubDomains
  • Add Content-Security-Policy header to prevent XSS attacks
  • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
  • Add X-Content-Type-Options: nosniff
  • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
  • Consider adding Permissions-Policy to control browser features

CAA Records (Certificate Authority Authorization)

CAA Records
Configured (Restricts certificate issuance)
Current Issuer
Authorized (Matches CAA policy)
Authorized CAs
letsencrypt.org comodoca.com digicert.com globalsign.com
Wildcard CAs
digicert.com comodoca.com globalsign.com letsencrypt.org
Recommendations
  • Consider using critical flag (flags=128) for stricter CAA enforcement
  • You have authorized 4 CAs - consider limiting to only the CAs you actively use
  • Consider adding 'iodef' records to receive notifications about unauthorized certificate issuance attempts

Subject Alternative Names

100 domains
rosca.app

Other domains in certificate

0xua.app
3em5.com.br
curry-dev-leaf.5loyalty.com deliroutine-app-dev.5loyalty.com drinks-and-co-dev.5loyalty.com hopunionbrewery.5loyalty.com
www.abhinickz.dev
old.bengubler.com
www.betty.social
dispatcher.bookaridegy.com
www.braudin.com
ag-srikrung.brokertg.com office.brokertg.com tm.brokertg.com
app.brouq-eg.com
www.brprocess.com
bubblegumbase.com
www.buildingwhileflying.com
www.buildorderguide.com
www.buildtray.com
www.bunnch.com
www.bypissarro.com
www.cakraindah.com
notification.calculistaestructural.com
www.calient-eh.com
www.callbackrequests.com
camarahi.com
cameronkuo.com www.cameronkuo.com
esim.campsited.com
tcg.cardmon.com
www.carlgustafbags.com
carmenmusat.com
casaborapp.com
cascadingfusion.com
caseadri.com
cathargames.com
cbse.news
cdmedya.com
centricpos.com
cerebralaudio.com
cerotechnologies.com
cerseisecretlife.com www.cerseisecretlife.com
chavezcom.com
chord-it.com
chosio.com
ciellissens.be
comconnect.net.au
links.crewseekers.app
devjuanes.com
www.diamondconcreting.com.au
evoluziona.com.co
www.evyo.be
faustobdls.dev
8ballbilliardsclassic.games235.com cakesliceninja.games235.com happyelephant.games235.com ludo.games235.com pou.games235.com snake.games235.com solitaire.games235.com timber.games235.com ubg98.games235.com ubg98oct.games235.com
www.ganderwa.dev
internal-tools.globacore.app
stage.homespungames.com
www.huayyakk.com
www.huayyakk.net
webapps.huntinggrounds.app
www.jhoangracia.com
nishiwaki-logo-maker.jnito.com samples.jnito.com
birbs-mock.joelmalone.com.au
www.jonakstu.com
junioryono.com
manage.kabman.com
www.kamrankhalid.com
kathyqian.com
katilkim.com
kdcontracting.com
kewinlifesciences.com
www.koungkai168.com
auth.meetymeety.app
perigarealestate.com
plamper.life
liveupdate.poptacular.net
regex.com.br
link.selfiemade.app
painel.spgeradores.net
www.swapu.com.au
www.tech-response.net
student-staging.thebrighttutors.com.au
proveedor.todo-odonto.com.ar
webapp.tradies4ladies.com.au
www.vepple.co.uk
console-dev.vnlp.ai livechat-dev.vnlp.ai