SSL Certificate Analysis for matrixdesign.co - Security Grade & TLS Configuration

Open Cached · just now

76/100 SECURITY SCORE

Detected Technologies

See all in URL Inspect 1

Let's Encrypt

Certificate Information

Subject

CN=boxauth.co

Issuer

C=US, O=Let's Encrypt, CN=R12

Valid From

May 26, 2026

Valid Until

August 24, 2026 80 days

Public Key

RSA 4096 bit Strong

Signature Algorithm

SHA256-RSA

SHA-256 Fingerprint

AF:49:D5:1F:0B:2D:2E:ED:26:EF:73:AB:49:AE:5E:76:E0:0B:C8:67:6F:AF:35:EB:80:56:7D:80:1D:57:B2:E8

Alternative Names

89 domains

Security Configuration

TLS Protocols

TLS 1.2 TLS 1.3

Forward Secrecy

Supported (Modern clients use PFS)

HTTP Security Headers

Status

Strict-Transport-Security

Missing

Not configured

Content-Security-Policy

Missing

Not configured Analyze

Content-Security-Policy-Report-Only

Missing

Not configured Analyze

X-Frame-Options

Missing

Not configured

X-Content-Type-Options

Missing

Not configured

Referrer-Policy

Missing

Not configured

Permissions-Policy

Missing

Not configured

Recommendations

• Add Strict-Transport-Security header with max-age of at least 1 year
• Add Content-Security-Policy header to prevent XSS attacks
• Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
• Add X-Content-Type-Options: nosniff
• Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
• Consider adding Permissions-Policy to control browser features

CAA Records (Certificate Authority Authorization)

CAA Records

Not Configured (Any CA can issue certificates)

CAA Issues

• No CAA records configured - any CA can issue certificates

Recommendations

• Implement CAA records to restrict which CAs can issue certificates for your domain
• This adds an extra layer of security against unauthorized certificate issuance
• Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
• Consider adding 'iodef' record to receive security incident reports

Subject Alternative Names

89 domains

matrixdesign.co *.matrixdesign.co *.sitemaps.matrixdesign.co

Other domains in certificate

boxauth.co *.boxauth.co *.ww38.boxauth.co

*.access.budu.org budu.org *.budu.org *.cloud.budu.org *.connect.budu.org *.m.budu.org *.portal.budu.org *.ra.budu.org *.rd.budu.org *.rdp.budu.org *.remoteapp.budu.org *.secure.budu.org *.vpn.budu.org *.webvpn.budu.org

*.api.buganda.coffee buganda.coffee *.buganda.coffee *.c6d8ee5a-83d1-49d6-8426-1eb566a08140.buganda.coffee *.d276fe55-c3d0-4205-b375-ca185e91e8e7.buganda.coffee *.demo.buganda.coffee *.dev.buganda.coffee *.exypys.buganda.coffee *.rustore.buganda.coffee *.test.buganda.coffee *.webmail.buganda.coffee

cocomelon.io *.cocomelon.io *.hostmaster.cocomelon.io *.mail.cocomelon.io *.posta.cocomelon.io *.www.cocomelon.io

*.admin.gemscope-ai.net *.api.gemscope-ai.net *.app.gemscope-ai.net *.assets.gemscope-ai.net *.demo.gemscope-ai.net *.dev.gemscope-ai.net *.facc4711-b07d-4a8c-a8a0-0932946dd431.gemscope-ai.net gemscope-ai.net *.gemscope-ai.net *.ggsumapp.gemscope-ai.net *.mf0m5s.gemscope-ai.net *.staging.gemscope-ai.net *.test.gemscope-ai.net

*.59402540-af46-443d-8d6a-72650a6a8f2b.liminkalainen.com liminkalainen.com *.liminkalainen.com *.office.liminkalainen.com *.webvpn.liminkalainen.com

parentingscience.co *.parentingscience.co

qadybo.pro *.qadybo.pro *.sitemap.qadybo.pro *.sitemaps.qadybo.pro

stock-investment-fbj4.click *.stock-investment-fbj4.click

*.0ae9fabd-b369-4bd1-9426-7766659b5a3d.thomman.es *.2504ed5a-b15a-4ada-97ea-81235c0f8f0a.thomman.es *.55ca996a-f479-4e3f-ad60-8a5128777cc7.thomman.es *.575ab055-79d7-4314-af66-2788f5ae47d3.thomman.es *.admin.thomman.es *.api.thomman.es *.app.thomman.es *.archive.thomman.es *.backup.thomman.es *.docs.thomman.es *.external.thomman.es *.intranet.thomman.es *.members.thomman.es *.my.thomman.es *.new.thomman.es *.portal.thomman.es *.public.thomman.es *.shop.thomman.es *.stg.thomman.es *.store.thomman.es *.test.thomman.es thomman.es *.thomman.es *.webmail.thomman.es *.ww3.thomman.es *.www.thomman.es