SSL Certificate Analysis for git.bank777.dev - Security Grade & TLS Configuration

Open Cached · just now

76/100 SECURITY SCORE

Detected Technologies

See all in URL Inspect 1

Let's Encrypt Active incidents

Certificate Information

Subject

CN=managerfriend.com

Issuer

C=US, O=Let's Encrypt, CN=R13

Valid From

April 25, 2026

Valid Until

July 24, 2026 72 days

Public Key

RSA 4096 bit Strong

Signature Algorithm

SHA256-RSA

SHA-256 Fingerprint

D7:69:04:FB:37:EF:9A:50:B5:20:D0:BD:82:93:7F:8F:08:86:EC:55:F5:AE:2E:A1:17:F9:F2:FF:6E:F8:EF:5D

Alternative Names

90 domains

Security Configuration

TLS Protocols

TLS 1.2 TLS 1.3

Forward Secrecy

Supported (Modern clients use PFS)

HTTP Security Headers

Status

Strict-Transport-Security

Missing

Not configured

Content-Security-Policy

Missing

Not configured Analyze

Content-Security-Policy-Report-Only

Missing

Not configured Analyze

X-Frame-Options

Missing

Not configured

X-Content-Type-Options

Missing

Not configured

Referrer-Policy

Missing

Not configured

Permissions-Policy

Missing

Not configured

Recommendations

• Add Strict-Transport-Security header with max-age of at least 1 year
• Add Content-Security-Policy header to prevent XSS attacks
• Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
• Add X-Content-Type-Options: nosniff
• Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
• Consider adding Permissions-Policy to control browser features

CAA Records (Certificate Authority Authorization)

CAA Records

Not Configured (Any CA can issue certificates)

CAA Issues

• No CAA records configured - any CA can issue certificates

Recommendations

• Implement CAA records to restrict which CAs can issue certificates for your domain
• This adds an extra layer of security against unauthorized certificate issuance
• Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
• Consider adding 'iodef' record to receive security incident reports

Subject Alternative Names

90 domains

bank777.dev *.bank777.dev *.app.bank777.dev *.dev.bank777.dev *.test.bank777.dev

Other domains in certificate

225599rr.com *.225599rr.com

27856.loan *.27856.loan

34097.blog *.34097.blog

449106.cc *.449106.cc

4636c5d4428e5d5c.com *.4636c5d4428e5d5c.com

84-guinness.com *.84-guinness.com *.slovari.84-guinness.com

96319.sx *.96319.sx

99838.sx *.99838.sx

alquilerautosfacil.sbs *.alquilerautosfacil.sbs

anbzo.auction *.anbzo.auction

anotherrconcept.com *.anotherrconcept.com

brightheadline.xyz *.brightheadline.xyz

catalyseforgehub.xyz *.catalyseforgehub.xyz

*.chat.ero.ms ero.ms *.ero.ms *.m.ero.ms *.speromanga.ero.ms

etftool.com *.etftool.com

euuhx.com *.euuhx.com

feastuponthewordblog.org *.feastuponthewordblog.org

foctfkqsxr.cc *.foctfkqsxr.cc

getmartyautomates.com *.getmartyautomates.com

glorp.cc *.glorp.cc

hqkitalent.com *.hqkitalent.com

ikimisli738.com *.ikimisli738.com

jyza.us *.jyza.us

m9js9oa.cc *.m9js9oa.cc

managerfriend.com *.managerfriend.com *.zus.managerfriend.com

owltof.finance *.owltof.finance

precisegardenconsult.live *.precisegardenconsult.live

primeplatefood.food *.primeplatefood.food

primevestx.com *.primevestx.com

relocation-and-storage.click *.relocation-and-storage.click

repairmaintenancehq.com *.repairmaintenancehq.com

rest-job-en-wp-x-1212314.sbs *.rest-job-en-wp-x-1212314.sbs

sdgdfg39sf.top *.sdgdfg39sf.top

seniorenrecht.org *.seniorenrecht.org

storyseekersrealm.com *.storyseekersrealm.com

tires-fr-2954.sbs *.tires-fr-2954.sbs

tranquilframe.rest *.tranquilframe.rest

viet69live.cc *.viet69live.cc

xabgh.auction *.xabgh.auction

zdmkoc.live *.zdmkoc.live