SSL Certificate Analysis for groupmessage.org - Security Grade & TLS Configuration

Open Cached · just now

76/100 SECURITY SCORE

Detected Technologies

See all in URL Inspect 1

Let's Encrypt Active incidents

Certificate Information

Subject

CN=whiskeynfts.com

Issuer

C=US, O=Let's Encrypt, CN=YR1

Valid From

June 15, 2026

Valid Until

September 13, 2026 82 days

Public Key

RSA 4096 bit Strong

Signature Algorithm

SHA256-RSA

SHA-256 Fingerprint

19:28:8B:A1:E5:26:25:19:4F:34:5F:90:82:10:4E:FA:45:C7:C4:A0:B0:90:E1:ED:61:B8:11:97:A0:B8:26:96

Alternative Names

90 domains

Security Configuration

TLS Protocols

TLS 1.2 TLS 1.3

Forward Secrecy

Supported (Modern clients use PFS)

HTTP Security Headers

Status

Strict-Transport-Security

Missing

Not configured

Content-Security-Policy

Missing

Not configured Analyze

Content-Security-Policy-Report-Only

Missing

Not configured Analyze

X-Frame-Options

Missing

Not configured

X-Content-Type-Options

Missing

Not configured

Referrer-Policy

Missing

Not configured

Permissions-Policy

Missing

Not configured

Recommendations

• Add Strict-Transport-Security header with max-age of at least 1 year
• Add Content-Security-Policy header to prevent XSS attacks
• Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
• Add X-Content-Type-Options: nosniff
• Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
• Consider adding Permissions-Policy to control browser features

CAA Records (Certificate Authority Authorization)

CAA Records

Not Configured (Any CA can issue certificates)

CAA Issues

• No CAA records configured - any CA can issue certificates

Recommendations

• Implement CAA records to restrict which CAs can issue certificates for your domain
• This adds an extra layer of security against unauthorized certificate issuance
• Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
• Consider adding 'iodef' record to receive security incident reports

Subject Alternative Names

90 domains

groupmessage.org *.groupmessage.org *.backup.groupmessage.org *.comc2-4800f046e75c.groupmessage.org *.m.groupmessage.org *.members.groupmessage.org *.staging.groupmessage.org *.test.groupmessage.org *.uat.groupmessage.org

Other domains in certificate

anesthesiatechnicians.com *.anesthesiatechnicians.com

*.70b8e832-bdf2-400d-881a-626e727c6001.aufhhashvfy.com *.assets.aufhhashvfy.com aufhhashvfy.com *.aufhhashvfy.com *.b000666b-0892-4538-906c-dddf13aae5ee.aufhhashvfy.com *.dashboard.aufhhashvfy.com *.demo.aufhhashvfy.com *.mailer.aufhhashvfy.com *.nzvr.aufhhashvfy.com *.pfakoassets.aufhhashvfy.com *.v1.aufhhashvfy.com *.web.aufhhashvfy.com *.www.aufhhashvfy.com

bvw.com.au *.bvw.com.au

cheapframing.com *.cheapframing.com *.redwood.cheapframing.com *.shuyang.cheapframing.com

*.cloud.conservetheearth.org conservetheearth.org *.conservetheearth.org *.cpanel.conservetheearth.org *.cpcalendars.conservetheearth.org *.cpcontacts.conservetheearth.org *.rd.conservetheearth.org *.rds.conservetheearth.org *.rdweb.conservetheearth.org *.remote.conservetheearth.org *.salveelp.conservetheearth.org *.webmail.conservetheearth.org

csco.au *.csco.au *.zvkbcww38.csco.au

*.api.egypt-visits.com *.blog.egypt-visits.com *.dev.egypt-visits.com egypt-visits.com *.egypt-visits.com *.hostmaster.egypt-visits.com *.ww12.egypt-visits.com

hzwz.org *.hzwz.org *.ma5qiu.hzwz.org

ohrschmerzen.de *.ohrschmerzen.de

*.04062ff6-67e2-42d6-b00b-92b50fa86556.wbsaoapp.xyz wbsaoapp.xyz *.wbsaoapp.xyz *.ww25.wbsaoapp.xyz *.www.wbsaoapp.xyz

*.admin.wfzz.xyz *.ai.wfzz.xyz *.api.wfzz.xyz *.backend.wfzz.xyz *.cc.wfzz.xyz *.ch.wfzz.xyz *.demo.wfzz.xyz *.dev.wfzz.xyz *.fk.wfzz.xyz *.jzf.wfzz.xyz *.m.wfzz.xyz *.navigation.wfzz.xyz *.nvrzdhlqela.wfzz.xyz *.s.wfzz.xyz *.staging.wfzz.xyz wfzz.xyz *.wfzz.xyz *.ww1.wfzz.xyz *.ww25.wfzz.xyz *.www.wfzz.xyz *.zz.wfzz.xyz

*.sitemap.whiskeynfts.com whiskeynfts.com *.whiskeynfts.com *.wildcard.whiskeynfts.com

wild001.com *.wild001.com *.ww25.wild001.com