Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=benefitbroker.com.br
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
December 07, 2025
Valid Until
March 07, 2026
89 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
07:82:02:87:67:67:47:90:2F:D4:B2:9D:1C:33:9B:9F:A7:0C:4B:8B:41:51:72:29:98:28:FA:53:44:2F:4E:7E
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
www.baudrate.io
4049.clian.net
abcd.rest
adamzachoval.cz
allball.io
sync.littlesis.amplifiedlabs.xyz
www.andii.jp
bushido.app.br
platformdev.atoms.cloud
www.aviita.li
benefitbroker.com.br
www.bezcigrup.com
www.bk-quiz.de
link.bling.de
www.brickwise.eu
www.bristolpentecostalchurchuk.org
compliance.bt21.solutions
manage-dev.captego.com
carityops.carity.dk
basic.chocopython.org
www.classnetting.com
cloverplay.app
admin.euromedicare.co.in
aligoad.co.kr
www.codegenius.co.za
crystalpalace.com.vn
connect-sport.fr
copycat.work
authorization.int.discovery.corelogic.com
tci-concor-dev.cxipl.com
iroiro.d-attend.com
darkmode.ph
www.delga.tech
score.deportareclub.tech
determiau.mx
app.diaoc888.vn
test.didousoft.net
smart.dkprelearn.in
collections.dpd.co.uk
d1-track.dpdlocal.co.uk
app.static.egp.vn
www.emnote.app
hakka.far.st
www.figueroaconstruccion.com
www.flutterdevelopersatl.com
www.geccele.tech
stripe.giovanniliboni.it
www.glowpanda.life
www.grunsys.com
www.grupostandard.org
hiqfinland.fi
manhleduy.id.vn
inceptumsolutions.co.za
www.industrialelastomers.net
www.indx.capital
henkel.inova.si
f.inovox.pl
pro-v2.lab.insights.gg
ace.jardibric.com
links-at.kaufland.net
www.kredey.com
kskoro.be
www.labonitapdx.com
auth.labyet.com
www.lappka.pl
service.dev.learn-app.io
www.maxga.me
www.meowcats.world
ptfirebase-c3.moboreader.net
biberbao.mwinkler.tech
anticabonta.nempos.delivery
admin.overlanderassociation.in
partnerhub.co.za
penny.technology
www.prakash.vip
app.propertygambit.co.uk
raisingpupupu.org
hr.rauer.eu
seeimpacts.dev
www.shadowsoft.uk
smartuser.app
tt.snapmentor.no
www.soundslides.org
www.starsign.dk
links.stayopn.net
www.stjohnsia.org
www.sysco.by
app-dev.syzl.io
intentdemo.threados.io
www.time2yak.com
timezoneconverter.online
tpe.lol
uddl.ca
web.ukuvota.xyz
vitorviterbo.com.br
manager.vocepede.online
wierdsmadesign.be
verifymail.dev.woopen.com
www.yashjain.xyz
www.ztoais.com
Other domains in certificate