SSL Certificate Analysis for bancatix.com - Security Grade & TLS Configuration

Open Cached · just now

76/100 SECURITY SCORE

Detected Technologies

See all in URL Inspect 1

Let's Encrypt

Certificate Information

Subject

CN=naijanet.xyz

Issuer

C=US, O=Let's Encrypt, CN=R12

Valid From

April 26, 2026

Valid Until

July 25, 2026 70 days

Public Key

RSA 4096 bit Strong

Signature Algorithm

SHA256-RSA

SHA-256 Fingerprint

EC:F5:6D:17:03:48:AF:5A:6F:1E:7D:12:5B:1E:F2:F6:FD:7A:98:C0:51:66:91:CF:B0:C2:79:3B:DF:F3:AE:24

Alternative Names

90 domains

Security Configuration

TLS Protocols

TLS 1.2 TLS 1.3

Forward Secrecy

Supported (Modern clients use PFS)

HTTP Security Headers

Status

Strict-Transport-Security

Missing

Not configured

Content-Security-Policy

Missing

Not configured Analyze

Content-Security-Policy-Report-Only

Missing

Not configured Analyze

X-Frame-Options

Missing

Not configured

X-Content-Type-Options

Missing

Not configured

Referrer-Policy

Missing

Not configured

Permissions-Policy

Missing

Not configured

Recommendations

• Add Strict-Transport-Security header with max-age of at least 1 year
• Add Content-Security-Policy header to prevent XSS attacks
• Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
• Add X-Content-Type-Options: nosniff
• Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
• Consider adding Permissions-Policy to control browser features

CAA Records (Certificate Authority Authorization)

CAA Records

Not Configured (Any CA can issue certificates)

CAA Issues

• No CAA records configured - any CA can issue certificates

Recommendations

• Implement CAA records to restrict which CAs can issue certificates for your domain
• This adds an extra layer of security against unauthorized certificate issuance
• Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
• Consider adding 'iodef' record to receive security incident reports

Subject Alternative Names

90 domains

bancatix.com *.bancatix.com *.random.bancatix.com *.ww25.bancatix.com *.ww38.bancatix.com

Other domains in certificate

abebooka.com *.abebooka.com

aqdx66.com *.aqdx66.com *.vip.aqdx66.com

frank.net.au *.frank.net.au *.mail.frank.net.au *.remote.frank.net.au

*.5.gcisd.org *.8.gcisd.org *.access.gcisd.org *.admin.gcisd.org *.api.gcisd.org *.app.gcisd.org *.apps.gcisd.org *.collegiateacademy.gcisd.org *.connectvpn.gcisd.org *.dashboard.gcisd.org *.dashboards.gcisd.org *.demo.gcisd.org *.des.gcisd.org *.desktop.gcisd.org *.dev.gcisd.org gcisd.org *.gcisd.org *.grapevinehs.gcisd.org *.home.gcisd.org *.login.gcisd.org *.mail.gcisd.org *.metric.gcisd.org *.metrics.gcisd.org *.mobile.gcisd.org *.news.gcisd.org *.notexistsww3.gcisd.org *.openpgpkey.gcisd.org *.portal.gcisd.org *.rds.gcisd.org *.rdweb.gcisd.org *.remote.gcisd.org *.remoteaccess.gcisd.org *.reporting.gcisd.org *.secure.gcisd.org *.silverlakees.gcisd.org *.sitemap.gcisd.org *.sitemaps.gcisd.org *.ssl.gcisd.org *.sslvpn.gcisd.org *.stats.gcisd.org *.superset.gcisd.org *.vista.gcisd.org *.visual.gcisd.org *.web.gcisd.org *.webconnect.gcisd.org *.webmail.gcisd.org *.ww5.gcisd.org *.ww6.gcisd.org *.ww8.gcisd.org *.www.gcisd.org

itacitus.org *.itacitus.org

kkiste.org *.kkiste.org *.random.kkiste.org *.ww25.kkiste.org

*.hs2.naijanet.xyz naijanet.xyz *.naijanet.xyz *.voorraad.naijanet.xyz *.ww16.naijanet.xyz *.ww25.naijanet.xyz *.ww38.naijanet.xyz

orderelpollofelix.com *.orderelpollofelix.com *.random.orderelpollofelix.com *.wss.orderelpollofelix.com

rebourne.org *.rebourne.org

terijoss.com *.terijoss.com

*.46b25355-8552-4883-95b6-f8908e2f84d4.yalla11.xyz *.app.yalla11.xyz *.ww25.yalla11.xyz yalla11.xyz *.yalla11.xyz