SSL Certificate Analysis for confieval.com - Security Grade & TLS Configuration

Open Cached · just now

77/100 SECURITY SCORE

Certificate Information

Subject

CN=teleconn.app

Issuer

C=US, O=Google Trust Services, CN=WR3

Valid From

November 23, 2025

Valid Until

February 21, 2026 89 days

Public Key

RSA 2048 bit Adequate

Signature Algorithm

SHA256-RSA

SHA-256 Fingerprint

F2:A4:9F:D5:10:EF:4E:63:07:73:DE:27:FF:04:C6:64:65:5A:FC:BA:19:BB:91:30:3F:4F:71:27:6C:FB:7E:F8

Alternative Names

100 domains

Security Configuration

TLS Protocols

TLS 1.2 TLS 1.3

Forward Secrecy

Supported (Modern clients use PFS)

HTTP Security Headers

Status

Strict-Transport-Security

Present

max-age=31556926

Content-Security-Policy

Missing

Not configured

X-Frame-Options

Missing

Not configured

X-Content-Type-Options

Missing

Not configured

Referrer-Policy

Missing

Not configured

Permissions-Policy

Missing

Not configured

Recommendations

• Increase HSTS max-age to at least 1 year and add includeSubDomains
• Add Content-Security-Policy header to prevent XSS attacks
• Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
• Add X-Content-Type-Options: nosniff
• Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
• Consider adding Permissions-Policy to control browser features

CAA Records (Certificate Authority Authorization)

CAA Records

Not Configured (Any CA can issue certificates)

CAA Issues

• No CAA records configured - any CA can issue certificates

Recommendations

• Implement CAA records to restrict which CAs can issue certificates for your domain
• This adds an extra layer of security against unauthorized certificate issuance
• Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
• Consider adding 'iodef' record to receive security incident reports

Subject Alternative Names

100 domains

confieval.com

Other domains in certificate

1on1talk.app.1on1navi.com

finance.a9labs.top

api.adniter.com

afwebdev.com

agexbe.com

www.ahmedelhalabi.com

vcard.ambivo.com

www.amplitudefestival.com

apartinator.ro

atadecusut.ro

dev-auth.atgo.app

bakrin.com

bananaheist.com

banburycrossing.com

ekyc.banexcoin.com

bc-app.nl

test.beeplus.id

beyondmarketing.hu

bountycoin.club

candyfighter.com

app.catchme.live

cedvalley.com

ki-tattoo.chrisrichter.dev

sandbox.donate.citizengo.org

account.pi-innovation.com.hk

admin.padiapp.com.ng

page.itask.com.sg

crexis.com

www.csepulv.com

www.demsvote.us

www.dlsfixit.com

dysconstructora.com

app.earthblox.io

demo.emergencydentaldirect.com

etiennelebel.com

www.eversend.me

app.familyconnectors.nyc

firebase.flutter.dev

flyashpak.com

a0fo.foodle.su

www.foxytimetracker.com

www.gagpro.fr

www.game-cards.app

www.gitaiot.com

glambel.com.br

staging.gobertha.com

auth.gocrisp.com

www.godeadon.com

gokmengoksel.com

heliosappliedscience.com

whatsapp.hookz.ai

hmtiencncd2211003.id.vn

www.inktoskin.co.za

www.intera-kt.de

www.k2ss.info

khaledbadran.ca

kosmosmusic.ru

krml.me

www.loclab.jp

www.luxerasolutions.mk

lyrnwithus.com

www.makrofag.no

marspixels.com

link.medimagic.com

www.menstruationchecken.se

mento.co.jp

quick-look.mkelley.dev

vastkuststiftelsen.molnfastigheter.se

prediagnostico.mymoons.mx

pan-brzytwa.pl

www.sandbox.dashboard.payos.app

www.perkat.ltd

pidw.pk

r3pa.dev

cloudpayments.radiotoolkit.com

rodrigowiethorn.online

app-voluntario-modules.rogeriossantos.com.br

www.sands-app.com

backdropper.secretcode.ro

xdyolo.smear.cn

soaringdragon.art www.soaringdragon.art

sofastudios.space

mg.spbeu.ru

app.sportzens.de

strefagentlemena.pl

tardigrada.hu

tardigradatech.com

teleconn.app

throwback.cloud

www.dev.beheer.toegangsbon.nl

enps.topzamestnavatele.cz

tradersenlaarena.lat

test.traveltimeline.app

unifiedministries.app

uvetko.com

www.youtube-repeater.com

link.zdp.digital

cash.zeospec.com