SSL Certificate Analysis for greenlit.tech - Security Grade & TLS Configuration

Open Cached · just now

77/100 SECURITY SCORE

Certificate Information

Subject

CN=app.nbbarber.com.br

Issuer

C=US, O=Google Trust Services, CN=WR3

Valid From

January 12, 2026

Valid Until

April 12, 2026 81 days

Public Key

RSA 2048 bit Adequate

Signature Algorithm

SHA256-RSA

SHA-256 Fingerprint

9E:4B:FA:0C:86:63:FB:FB:7D:3A:6F:36:28:AA:B5:7B:82:6F:98:44:AF:7F:BB:6E:B7:F8:CC:7C:E3:8B:BA:C5

Alternative Names

100 domains

Security Configuration

TLS Protocols

TLS 1.2 TLS 1.3

Forward Secrecy

Supported (Modern clients use PFS)

HTTP Security Headers

Status

Strict-Transport-Security

Present

max-age=31556926

Content-Security-Policy

Missing

Not configured

X-Frame-Options

Missing

Not configured

X-Content-Type-Options

Missing

Not configured

Referrer-Policy

Missing

Not configured

Permissions-Policy

Missing

Not configured

Recommendations

• Increase HSTS max-age to at least 1 year and add includeSubDomains
• Add Content-Security-Policy header to prevent XSS attacks
• Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
• Add X-Content-Type-Options: nosniff
• Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
• Consider adding Permissions-Policy to control browser features

CAA Records (Certificate Authority Authorization)

CAA Records

Not Configured (Any CA can issue certificates)

CAA Issues

• No CAA records configured - any CA can issue certificates

Recommendations

• Implement CAA records to restrict which CAs can issue certificates for your domain
• This adds an extra layer of security against unauthorized certificate issuance
• Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
• Consider adding 'iodef' record to receive security incident reports

Subject Alternative Names

100 domains

greenlit.tech

Other domains in certificate

abelgasque.com

olam.abhiyanpa.in

agendafox.online

www.ajaddons.com

admin.andanh.net

auth.andmeno.com

fbpg.api7.xyz

desa-crabi-cronos.aseguradoradigital.com.mx

www.atara.uk

banlaso1.click

beoutlier.in

bingocero.online

auth.buyten.shop

devfest.capitale.dev

cloud-rush.de

dcslab.co.kr

codeflair.com

codehannah.nyc

price.hargapedia.com.my

discover.comobi.io

law.connectorzzz.com

contractorpro.app

dev.cyber-bousai2020.dena.com

farma.digisoul.app

e-plus.space

rgpai.dlu.edu.pl

tap.elevationchurch.org

elizabethandmarie.com

ellwoodbristol.com

www.emaislab.com.br

app-qa.crowds.entelocean.cl

assets.fairconnect.it

flipshomart.shop

fluorescentminds.com

foolspyorahuolto.fi

www.fyne.studio

transito.juanjoserios.gob.mx

apps.harkawal.com

analytics.homestation.jp

iaghost.com.mx

h.domains.ington.net

auth.initium-me.com

www.login.kanban.inrvatemedia.com

security-admin.ruda.johnfowler.co.uk security.ruda.johnfowler.co.uk

cdn.joinsherpa.io

insights.kennys.nl

www.lemoninspace.com

lexmontlaw.com

admin.lightbridgeinc.com

localrewards.co.za

www.manasikplanner.com

marcusarkwelllaw.com

maritimechamber.co.za

www.mattsimpson.com.au

mdln.studio

karlagomes.med.br

westfriesland.medewerkerstatus.eu

mercedseniors.org

www.mikrotickets.com

addons.minecraft-event.net

mixidea.org

date.phamvankhang.name.vn

app.nbbarber.com.br

www.neuronestclinic.co.uk

www.nripool.com

links.nv.sa

pgmolcasefiles.org

www.pizzadamario.it

promptlyne.com

razorcorp.io

signitive.co.uk

portal.skarv.cloud

www.skill-elevator.com

app.softytravel.com

essays.sonavagarwal.com

h.domains.sonomacommunications.com

speedpainter.xyz

www.spodse.app

srividhya.io

operator.fortime.staq.dev

swapl.it

www.talenthubs.net

www.tansikhadayek.com

www.taylo.dev

www.tecnicos-oficiales.com

www.admin.devs.terrific.live

thechefsty.com

beta.timee.com

torutora.com

tyrata.io

mails.updatedfara.org

verdepaura.it

www.auth.dashboard.volteras.com

vrento.com.mx

app.vrfm.io

sl2025tttt.labs.websheet.io

tetris.zackhu.com