Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=brabaja.com
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
December 01, 2025
Valid Until
March 01, 2026
81 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
6A:B7:30:6F:D1:1A:B3:31:91:D9:3A:3E:57:29:7F:63:33:AA:3C:5F:72:61:DA:14:F2:90:88:A0:D0:6E:AE:DA
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
sangserene-house.com
ashley.3dcloud.io
app.acehours.com
www.aiboosted.biz
www.airpark.io
anotherit.company
pres.ant-in-giant.llc
www.arjunsanthosh.com
brabaja.com
amag.sandbox-console.bringoz.com
c4c.camba.ca
checkin.campeagle.camp
www.cartman.dev
carte.app.chassande.fr
www.secretlife.co.in
www.colonia-privada.net
syg.com.np
danielbourgeois.net
www.dataeq.co
datenflow.com
depositoaquitem.com.br
www.dietaquemagrasa.com
app.digiboards.io
www.dreamdesigners.net
www.dukevideoarchive.com
webfportal.ehryourway.com
www.elmopitt.net
empstudio.io
www.foniclinicainfantil.com.br
footcarehighland.co.uk
distribution-deal.freee-apps.jp
text.geek-salon-products.com
app.hawparviva.com
heldercardeira.com
math.hmh-waggle-teacher.com
monitoramento.honco.com.br
infiniteworlds.games
borastapeter-staging.web.innotactsoftware.com
instartai.com
inc.itrood.com
link.dev.ivygrowth.tech
admin.jets24x7.com
admin.jghgllc.com
k-means.in
www.kaanyagci.com
www.kanjiwar.com
kayrexacademy.com
khad.im
dance.kmldn.dev
admin.krishione.com
app-staging.kwerk.co
ladanzadelasfieras.com
www.lbo.me
link.livewritten.com
vica-ai.madhive.com
www.maeganclawges.com
mandaditostx.com
marcialdiaz.com
moduladorpro.com
moirer.com
nanguneriplots.com
nate-may.com
navyrobotics.org
www.nervbox.com
www.nouyaku.app
share.opportunityfeed.com
auth.pcmy.app
puntershq.com
selfie.redlightguardian.com
reprobaterecordings.com
www.ridinginwales.co.uk
toolbox.rpr1.de
rybarska-basta.cz
saisankalp.dev
schoolbookapp.com
dev.shouldibeforgiven.com
siarcos.com
vaci35.sphure.app
srivishnugases.com
startupcomedy.it
staging.app.swapfiets.com
vma-ubaya.talentlytica.com
terceiropisoimoveis.com.br
terezamolerova.cz
theflyingrooster.com
auth.thesatcrashcourse.com
drivers.tikoglobal.com
www.tipptap.com
www.truck4up.com
www.tulipweb.com
api.upnext.in
www.valkybox.com
www.valueyourtime.eu
www.verifiit.com
www.vmathieu.fr
test.workflowmanagerpro.com
www.wrappedreviews.com
xidsoft.com
www.yukondds.com
resume.zenno.moe
Other domains in certificate