SSL Certificate Analysis for carolinaway.com - Security Grade & TLS Configuration

Open Cached · just now

76/100 SECURITY SCORE

Detected Technologies

See all in URL Inspect 1

Let's Encrypt

Certificate Information

Subject

CN=efengshui.org

Issuer

C=US, O=Let's Encrypt, CN=R12

Valid From

May 16, 2026

Valid Until

August 14, 2026 83 days

Public Key

RSA 4096 bit Strong

Signature Algorithm

SHA256-RSA

SHA-256 Fingerprint

6B:FB:F0:DD:6D:9C:29:E2:D6:FD:66:ED:74:A4:68:0F:22:8E:F8:D1:D1:7D:C3:35:4A:41:0E:4E:5B:24:B0:0C

Alternative Names

89 domains

Security Configuration

TLS Protocols

TLS 1.2 TLS 1.3

Forward Secrecy

Supported (Modern clients use PFS)

HTTP Security Headers

Status

Strict-Transport-Security

Missing

Not configured

Content-Security-Policy

Missing

Not configured Analyze

Content-Security-Policy-Report-Only

Missing

Not configured Analyze

X-Frame-Options

Missing

Not configured

X-Content-Type-Options

Missing

Not configured

Referrer-Policy

Missing

Not configured

Permissions-Policy

Missing

Not configured

Recommendations

• Add Strict-Transport-Security header with max-age of at least 1 year
• Add Content-Security-Policy header to prevent XSS attacks
• Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
• Add X-Content-Type-Options: nosniff
• Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
• Consider adding Permissions-Policy to control browser features

CAA Records (Certificate Authority Authorization)

CAA Records

Not Configured (Any CA can issue certificates)

CAA Issues

• No CAA records configured - any CA can issue certificates

Recommendations

• Implement CAA records to restrict which CAs can issue certificates for your domain
• This adds an extra layer of security against unauthorized certificate issuance
• Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
• Consider adding 'iodef' record to receive security incident reports

Subject Alternative Names

89 domains

carolinaway.com *.carolinaway.com *.datahub.carolinaway.com

Other domains in certificate

accountspayable.in *.accountspayable.in *.ftp.accountspayable.in

aivoice.cc *.aivoice.cc *.dev.aivoice.cc

asianinvestmentbank.com *.asianinvestmentbank.com *.m.asianinvestmentbank.com

aursuite.com *.aursuite.com *.demo.aursuite.com *.envatocode.aursuite.com

bilimdost.info *.bilimdost.info *.sitemap.bilimdost.info *.sitemaps.bilimdost.info

*.api.biovertmaroc.art *.app.biovertmaroc.art biovertmaroc.art *.biovertmaroc.art

*.2dbi82.bizfinuptechdev.com bizfinuptechdev.com *.bizfinuptechdev.com

brainers.co *.brainers.co *.share.brainers.co *.www.brainers.co

cargostorage.uk *.cargostorage.uk *.magento.cargostorage.uk

efengshui.org *.efengshui.org *.m.efengshui.org *.www.efengshui.org *.zimbra.efengshui.org

*.api.glocal.bio *.app.glocal.bio *.dev.glocal.bio glocal.bio *.glocal.bio *.test.glocal.bio *.y2wnuw.glocal.bio

*.1acz0s.macaron.best *.api.macaron.best *.app.macaron.best *.dev.macaron.best macaron.best *.macaron.best *.mail.macaron.best *.www.macaron.best

magicterkuat.vip *.magicterkuat.vip *.vip.magicterkuat.vip *.www.magicterkuat.vip *.za52r0.magicterkuat.vip

*.gifi28.medsinstant24.yachts medsinstant24.yachts *.medsinstant24.yachts

*.a.onchainpulse.info *.admin.onchainpulse.info *.dev.onchainpulse.info onchainpulse.info *.onchainpulse.info *.www.onchainpulse.info

*.8393255d-7042-423a-9b1b-6275bb56c3fb.oohee.co *.candidate.oohee.co *.gestion.oohee.co *.media.oohee.co oohee.co *.oohee.co *.v1.oohee.co

*.app.propertyhub.in *.dashboard.propertyhub.in *.demo.propertyhub.in propertyhub.in *.propertyhub.in *.sitemaps.propertyhub.in *.test.propertyhub.in *.www.propertyhub.in

*.cp.solutionbridge-et.com solutionbridge-et.com *.solutionbridge-et.com

*.m.wupinglvcha.cn wupinglvcha.cn *.wupinglvcha.cn