Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=demoadmin.bracelit.es
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
October 15, 2025
Valid Until
January 13, 2026
51 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
33:4E:B6:26:5D:26:A9:9F:00:3D:01:69:80:60:44:6A:82:B5:61:A3:07:16:71:58:04:5C:40:05:19:DD:1D:07
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
verhuurpaleis-aarsman.nl
aeleria.eu
amwatatech.com
anno1980.dk
scream.apk.id
barberbuddy.me
bauerinternationalgroup.com
bergquist.eu
rewards.bomb.exchange
demoadmin.bracelit.es
brewjoys.com
www.btischedulingd3.com
admin.canariasahora.es
cathar.games
christian-japan.org
app.cliqbox.co
fc.weget.co.th
www.cytec.co.th
www.coderfrank.dev
bitpos.coincaex.com
gama.cronysoftwares.com
deepintellect-ai.com
dgd.business
didseagullquit.com
www.diniztomas.com.br
dismissly.com
vodafone-etl.divisadero.es
staging.easykasa.app
sandbox-partner.element.in
www.esquaredgroup.com
admin.etoh.digital
fastvalue.vn
ebook.fedecultura.com
finisango.com
app.finzace.com
admin.flylbicharters.co.za
frazerhatyai.com
hellumtrekk.frigg.solutions
www.fullspectrumconsultingsolutions.com
gbln.dev
partner-staging.goviceversa.com
www.gownzie.com
gpv.gg
appg8.gr8medicoes.com.br
chillout.grupodanigarcia.com
gudshit.meme
www.henrymoulton.com
intranet.holmesplace.de
app.hompwr.com
reclutamiento.humirconsulting.com
sp-auth.ibep-staging.com
dhulsham.ilmora.in
c.immigrantscanada.com
interstices-ctt.de
interstices-ctt.org
www.jp-morgan.dev
kartcraft.in
eddy.levelops.net
app.localeum.com
medelite.medihelp.co.za
meeksventures.com
mercurius-tool.com
www.michaelnewman.dev
covid.midiagnostico.cl
myvybes.com
naworb.in
newcryptopigs.com
link-econt.nibo.com.br
kindreds.nurtora.com
ogovpn.com
ohmy.games
order-at-table.courtepaille.paymytable.com
pbproleague.com
plazalibertadctes.com.ar
pointypoker.dev
www.potuznik.eu
www.queue.community
crm.rcloud.dev
www.reactiverobot.com
store.safeat.de
www.saintemmo.world
www.saralam.xyz
rmhc-dev.sipora.io
startgdpr.eu
etmispsa.tcontur.pe
teamshield.in
www.testandgo.app
www.twinstarvoyages.com
varage.eu
preview.accounts.vezham.com
www.vnasc.dev
howto.vouwauto.nl
wav-studios.com
www.wearefundify.org.uk
whiskywednes.day
homepage-staging.wngzr.xyz
community.workoutme.app
xcollc.com
www.xtensily.com
yashwanthdesigns.com
Other domains in certificate