SSL Certificate Analysis for api.magicspray.com - Security Grade & TLS Configuration

Open Cached · just now

76/100 SECURITY SCORE

Detected Technologies

See all in URL Inspect 1

Let's Encrypt

Certificate Information

Subject

CN=marjee.com

Issuer

C=US, O=Let's Encrypt, CN=R12

Valid From

February 19, 2026

Valid Until

May 20, 2026 88 days

Public Key

RSA 4096 bit Strong

Signature Algorithm

SHA256-RSA

SHA-256 Fingerprint

F7:13:93:12:7B:21:10:F8:CE:F5:B0:A6:23:D4:DF:9C:6A:27:5E:70:71:A7:20:87:6A:18:C4:EA:1E:5F:D5:17

Alternative Names

90 domains

Security Configuration

TLS Protocols

TLS 1.2 TLS 1.3

Forward Secrecy

Supported (Modern clients use PFS)

HTTP Security Headers

Status

Strict-Transport-Security

Missing

Not configured

Content-Security-Policy

Missing

Not configured Analyze

Content-Security-Policy-Report-Only

Missing

Not configured Analyze

X-Frame-Options

Missing

Not configured

X-Content-Type-Options

Missing

Not configured

Referrer-Policy

Missing

Not configured

Permissions-Policy

Missing

Not configured

Recommendations

• Add Strict-Transport-Security header with max-age of at least 1 year
• Add Content-Security-Policy header to prevent XSS attacks
• Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
• Add X-Content-Type-Options: nosniff
• Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
• Consider adding Permissions-Policy to control browser features

CAA Records (Certificate Authority Authorization)

CAA Records

Not Configured (Any CA can issue certificates)

CAA Issues

• No CAA records configured - any CA can issue certificates

Recommendations

• Implement CAA records to restrict which CAs can issue certificates for your domain
• This adds an extra layer of security against unauthorized certificate issuance
• Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
• Consider adding 'iodef' record to receive security incident reports

Subject Alternative Names

90 domains

magicspray.com *.magicspray.com *.api.magicspray.com *.mail.magicspray.com *.test.magicspray.com *.ww25.magicspray.com *.ww38.magicspray.com *.www.magicspray.com

Other domains in certificate

*.2.gracelandmy.com *.5.gracelandmy.com *.account.gracelandmy.com *.assets.gracelandmy.com *.blogs.gracelandmy.com *.cart-prod.gracelandmy.com *.check.gracelandmy.com *.demo.gracelandmy.com *.discussion.gracelandmy.com *.docker.gracelandmy.com *.forum.gracelandmy.com *.forums.gracelandmy.com gracelandmy.com *.gracelandmy.com *.graphql-playground.gracelandmy.com *.help.gracelandmy.com *.internal.gracelandmy.com *.invoices.gracelandmy.com *.js.gracelandmy.com *.k8s.gracelandmy.com *.kubernetes.gracelandmy.com *.landing.gracelandmy.com *.media.gracelandmy.com *.pg.gracelandmy.com *.portal.gracelandmy.com *.proof.gracelandmy.com *.registry.gracelandmy.com *.scripts.gracelandmy.com *.status.gracelandmy.com *.support.gracelandmy.com *.vpn.gracelandmy.com *.webmail.gracelandmy.com *.wildcard.gracelandmy.com *.ww2.gracelandmy.com *.ww5.gracelandmy.com *.www.gracelandmy.com *.wwww.gracelandmy.com

*.api.marjee.com *.dev.marjee.com *.hostmaster.marjee.com *.mail.marjee.com marjee.com *.marjee.com *.sitemap.marjee.com *.test.marjee.com *.ww17.marjee.com *.ww25.marjee.com *.ww5.marjee.com *.www.marjee.com

*.app.mudes.com *.cloudvpn.mudes.com *.exchange.mudes.com *.m.mudes.com *.mc.mudes.com mudes.com *.mudes.com *.org.mudes.com *.videos.mudes.com *.vpnssl.mudes.com *.ww1.mudes.com *.ww16.mudes.com *.ww17.mudes.com *.ww25.mudes.com *.www.mudes.com

*.gp.pasqualucci.com pasqualucci.com *.pasqualucci.com *.sitemap.pasqualucci.com *.ww1.pasqualucci.com *.ww16.pasqualucci.com *.ww25.pasqualucci.com

*.hostmaster.relayrental.com *.imap.relayrental.com *.m.relayrental.com relayrental.com *.relayrental.com *.ww1.relayrental.com *.ww17.relayrental.com *.ww25.relayrental.com *.ww38.relayrental.com

uuu2726.top *.uuu2726.top