SSL Certificate Analysis for islamicesg.org - Security Grade & TLS Configuration

Open Cached · just now

76/100 SECURITY SCORE

Detected Technologies

See all in URL Inspect 1

Let's Encrypt

Certificate Information

Subject

CN=constructora.store

Issuer

C=US, O=Let's Encrypt, CN=R12

Valid From

May 01, 2026

Valid Until

July 30, 2026 58 days

Public Key

RSA 4096 bit Strong

Signature Algorithm

SHA256-RSA

SHA-256 Fingerprint

2C:E3:24:78:C8:01:84:1F:58:D1:0B:E7:C7:A0:76:99:A6:60:43:05:8B:F3:AF:D9:29:86:B2:C7:CF:54:A4:B2

Alternative Names

89 domains

Security Configuration

TLS Protocols

TLS 1.2 TLS 1.3

Forward Secrecy

Supported (Modern clients use PFS)

HTTP Security Headers

Status

Strict-Transport-Security

Missing

Not configured

Content-Security-Policy

Missing

Not configured Analyze

Content-Security-Policy-Report-Only

Missing

Not configured Analyze

X-Frame-Options

Missing

Not configured

X-Content-Type-Options

Missing

Not configured

Referrer-Policy

Missing

Not configured

Permissions-Policy

Missing

Not configured

Recommendations

• Add Strict-Transport-Security header with max-age of at least 1 year
• Add Content-Security-Policy header to prevent XSS attacks
• Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
• Add X-Content-Type-Options: nosniff
• Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
• Consider adding Permissions-Policy to control browser features

CAA Records (Certificate Authority Authorization)

CAA Records

Not Configured (Any CA can issue certificates)

CAA Issues

• No CAA records configured - any CA can issue certificates

Recommendations

• Implement CAA records to restrict which CAs can issue certificates for your domain
• This adds an extra layer of security against unauthorized certificate issuance
• Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
• Consider adding 'iodef' record to receive security incident reports

Subject Alternative Names

89 domains

islamicesg.org *.islamicesg.org *.iz7bnfxmiv.islamicesg.org *.vps.islamicesg.org

Other domains in certificate

93ji.top *.93ji.top *.fcaab4xmuw.93ji.top

allcalidad.pro *.allcalidad.pro *.ww38.allcalidad.pro

clinical-trials-virtual-608.sbs *.clinical-trials-virtual-608.sbs

consideratedigital.com *.consideratedigital.com

constructora.store *.constructora.store *.mta0.constructora.store *.ww16.constructora.store *.ww38.constructora.store

exploretourism.org *.exploretourism.org

exquisito.it *.exquisito.it

*.0c73b665-cc00-4ed6-a8b0-c13e65adf1e4.geniephoto.media *.app.geniephoto.media *.cb997cab-65fd-4f26-9630-9cedac1242bc.geniephoto.media geniephoto.media *.geniephoto.media *.server.geniephoto.media

*.autodiscover.juneandjuly.com juneandjuly.com *.juneandjuly.com *.sitemaps.juneandjuly.com *.webmail.juneandjuly.com

kaamthailand.com *.kaamthailand.com *.www.kaamthailand.com

*.hostmaster.kuzutobusutoges.com kuzutobusutoges.com *.kuzutobusutoges.com *.random.kuzutobusutoges.com *.superset.kuzutobusutoges.com *.ww25.kuzutobusutoges.com *.www.kuzutobusutoges.com

mineexchange.cc *.mineexchange.cc *.wp.mineexchange.cc

*.coastalbend.myezyaccess.co myezyaccess.co *.myezyaccess.co *.nwrheumatology.myezyaccess.co

ngefilm21.us *.ngefilm21.us *.ww25.ngefilm21.us

*.hostmaster.nonstandardized.com nonstandardized.com *.nonstandardized.com *.www.nonstandardized.com

*.netwww.rollatorscout.de rollatorscout.de *.rollatorscout.de

*.kaget.set-co.cfd *.nf0-k--bgf.set-co.cfd set-co.cfd *.set-co.cfd *.ww16.set-co.cfd *.ww25.set-co.cfd *.ww38.set-co.cfd

starry.au *.starry.au

theconsciousedit.co *.theconsciousedit.co *.webmail.theconsciousedit.co

*.api.trungtamcskh.info *.backup.trungtamcskh.info *.staging.trungtamcskh.info trungtamcskh.info *.trungtamcskh.info

vqzbq.xyz *.vqzbq.xyz *.ww25.vqzbq.xyz *.ww38.vqzbq.xyz

*.559c17d0-0cc4-4837-ae10-3dfcb0b7bcb7.win-signup.org *.server.win-signup.org *.vps.win-signup.org win-signup.org *.win-signup.org

youcone.me *.youcone.me