SSL Certificate Analysis for civrs.com - Security Grade & TLS Configuration

Open Cached · just now

76/100 SECURITY SCORE

Detected Technologies

See all in URL Inspect 1

Let's Encrypt Active incidents

Certificate Information

Subject

CN=tryimposing.info

Issuer

C=US, O=Let's Encrypt, CN=R12

Valid From

May 24, 2026

Valid Until

August 22, 2026 78 days

Public Key

RSA 4096 bit Strong

Signature Algorithm

SHA256-RSA

SHA-256 Fingerprint

85:9C:E1:82:26:C1:BF:FD:2B:86:BD:7E:66:87:ED:3E:FA:62:5A:84:3B:1B:84:C9:C7:A1:45:75:48:EC:AF:BF

Alternative Names

90 domains

Security Configuration

TLS Protocols

TLS 1.2 TLS 1.3

Forward Secrecy

Supported (Modern clients use PFS)

HTTP Security Headers

Status

Strict-Transport-Security

Missing

Not configured

Content-Security-Policy

Missing

Not configured Analyze

Content-Security-Policy-Report-Only

Missing

Not configured Analyze

X-Frame-Options

Missing

Not configured

X-Content-Type-Options

Missing

Not configured

Referrer-Policy

Missing

Not configured

Permissions-Policy

Missing

Not configured

Recommendations

• Add Strict-Transport-Security header with max-age of at least 1 year
• Add Content-Security-Policy header to prevent XSS attacks
• Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
• Add X-Content-Type-Options: nosniff
• Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
• Consider adding Permissions-Policy to control browser features

CAA Records (Certificate Authority Authorization)

CAA Records

Not Configured (Any CA can issue certificates)

CAA Issues

• No CAA records configured - any CA can issue certificates

Recommendations

• Implement CAA records to restrict which CAs can issue certificates for your domain
• This adds an extra layer of security against unauthorized certificate issuance
• Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
• Consider adding 'iodef' record to receive security incident reports

Subject Alternative Names

90 domains

civrs.com *.civrs.com

Other domains in certificate

36408.my *.36408.my

36444.one *.36444.one

50723.club *.50723.club

58112.my *.58112.my

78061.one *.78061.one

84917.my *.84917.my

8hlist.com *.8hlist.com

8hnft.com *.8hnft.com

anysoftbuilder.com *.anysoftbuilder.com

anysoftsystems.com *.anysoftsystems.com

*.api.asiangroup.xyz asiangroup.xyz *.asiangroup.xyz

bookinghotels.co *.bookinghotels.co

brettisbased.xyz *.brettisbased.xyz

dignifiedexplore.xyz *.dignifiedexplore.xyz

ecfdmzk416.vip *.ecfdmzk416.vip

eid.tv *.eid.tv

exelon.pro *.exelon.pro

gdfzx.vip *.gdfzx.vip

golocalurbanads.com *.golocalurbanads.com

hse5.xyz *.hse5.xyz

hydra8888v2.xyz *.hydra8888v2.xyz

jetspresso.com *.jetspresso.com

klam.live *.klam.live

lasagradafamilia.net *.lasagradafamilia.net

ltbsa.town *.ltbsa.town

nowtrending.co *.nowtrending.co

oceanr.net *.oceanr.net

pinkcosmeticosyfantasia.com *.pinkcosmeticosyfantasia.com

*.asrar5.ruhany5.com *.mohamedbinsaad.ruhany5.com *.ruhaniat2.ruhany5.com ruhany5.com *.ruhany5.com

suicide.bio *.suicide.bio

teddy16888v2.xyz *.teddy16888v2.xyz

therockfordnews.com *.therockfordnews.com

tokenclub.io *.tokenclub.io

topkey.top *.topkey.top

*.a.tryimposing.info *.api.tryimposing.info *.app.tryimposing.info *.backup.tryimposing.info *.dev.tryimposing.info *.staging.tryimposing.info tryimposing.info *.tryimposing.info

wwwwix.com *.wwwwix.com

ylysh.gdn *.ylysh.gdn

zajob.xyz *.zajob.xyz

zoomacasino111.buzz *.zoomacasino111.buzz