SSL Certificate Analysis for git.mygrocerfeedback.com - Security Grade & TLS Configuration

Open Cached · just now

76/100 SECURITY SCORE

Certificate Information

Subject

CN=islamicbusinessaccount.com

Issuer

C=US, O=Let's Encrypt, CN=R12

Valid From

February 08, 2026

Valid Until

May 09, 2026 86 days

Public Key

RSA 4096 bit Strong

Signature Algorithm

SHA256-RSA

SHA-256 Fingerprint

48:D7:39:EB:51:EC:44:6F:1D:5D:09:3C:80:F0:00:10:C8:24:CF:C7:93:D7:E1:83:D0:94:4A:4E:2E:65:0B:6D

Alternative Names

90 domains

Security Configuration

TLS Protocols

TLS 1.2 TLS 1.3

Forward Secrecy

Supported (Modern clients use PFS)

HTTP Security Headers

Status

Strict-Transport-Security

Missing

Not configured

Content-Security-Policy

Missing

Not configured

X-Frame-Options

Missing

Not configured

X-Content-Type-Options

Missing

Not configured

Referrer-Policy

Missing

Not configured

Permissions-Policy

Missing

Not configured

Recommendations

• Add Strict-Transport-Security header with max-age of at least 1 year
• Add Content-Security-Policy header to prevent XSS attacks
• Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
• Add X-Content-Type-Options: nosniff
• Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
• Consider adding Permissions-Policy to control browser features

CAA Records (Certificate Authority Authorization)

CAA Records

Not Configured (Any CA can issue certificates)

CAA Issues

• No CAA records configured - any CA can issue certificates

Recommendations

• Implement CAA records to restrict which CAs can issue certificates for your domain
• This adds an extra layer of security against unauthorized certificate issuance
• Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
• Consider adding 'iodef' record to receive security incident reports

Subject Alternative Names

90 domains

mygrocerfeedback.com *.mygrocerfeedback.com

Other domains in certificate

islamic-credit-card.com *.islamic-credit-card.com

islamic-credit-cards.com *.islamic-credit-cards.com

islamicbusinessaccount.com *.islamicbusinessaccount.com

kopist.site *.kopist.site

lisinopril24x7world.site *.lisinopril24x7world.site

luxyaura.com *.luxyaura.com

mastersofseo.com *.mastersofseo.com

mihenksurucukursu.com *.mihenksurucukursu.com

mindfulsecret.com *.mindfulsecret.com

minhngockl.com *.minhngockl.com

minimaai.com *.minimaai.com

mining-helium.site *.mining-helium.site

mirrorthis.site *.mirrorthis.site

mistralaiagent.com *.mistralaiagent.com

napwc-famrun.com *.napwc-famrun.com

nnnjogo.love *.nnnjogo.love

nobullaspire.com *.nobullaspire.com

offroadvacations.com *.offroadvacations.com

onrcjnxmioisuvhiourh.com *.onrcjnxmioisuvhiourh.com

oppojogo.pro *.oppojogo.pro

ortqf.bid *.ortqf.bid

outubrorosapg.live *.outubrorosapg.live

padariapg.live *.padariapg.live

pantatrophia.com *.pantatrophia.com

partyhubpos.com *.partyhubpos.com

patientsimpe.com *.patientsimpe.com

play-raven-ridge.xyz *.play-raven-ridge.xyz

pu0er4.shop *.pu0er4.shop

pvm26.top *.pvm26.top

pwqdb.co *.pwqdb.co

q61.me *.q61.me

qiudomino99.site *.qiudomino99.site

qoj12yke.top *.qoj12yke.top

radiospace.site *.radiospace.site

rancefluth.com *.rancefluth.com

rcqyfpnkcsxjhafomggw.com *.rcqyfpnkcsxjhafomggw.com

registerdomain.online *.registerdomain.online

returned.space *.returned.space

royalorchidresortbangalore.com *.royalorchidresortbangalore.com

rrbet.info *.rrbet.info

saiken.com *.saiken.com

sbobet285.biz *.sbobet285.biz

shaosong.love *.shaosong.love

sharetipsinfo.info *.sharetipsinfo.info