SSL Certificate Analysis for mohamedashraf.tech - Security Grade & TLS Configuration

Open Cached · just now

77/100 SECURITY SCORE

Certificate Information

Subject

CN=dev.seanmcquaide.com

Issuer

C=US, O=Google Trust Services, CN=WR3

Valid From

November 17, 2025

Valid Until

February 15, 2026 86 days

Public Key

RSA 2048 bit Adequate

Signature Algorithm

SHA256-RSA

SHA-256 Fingerprint

D7:18:DA:37:98:91:17:82:BE:B9:05:57:3A:EE:47:EA:49:D3:10:40:30:AC:D2:4B:DA:20:EF:A7:4B:6E:2F:5A

Alternative Names

100 domains

Security Configuration

TLS Protocols

TLS 1.2 TLS 1.3

Forward Secrecy

Supported (Modern clients use PFS)

HTTP Security Headers

Status

Strict-Transport-Security

Present

max-age=31556926

Content-Security-Policy

Missing

Not configured

X-Frame-Options

Missing

Not configured

X-Content-Type-Options

Missing

Not configured

Referrer-Policy

Missing

Not configured

Permissions-Policy

Missing

Not configured

Recommendations

• Increase HSTS max-age to at least 1 year and add includeSubDomains
• Add Content-Security-Policy header to prevent XSS attacks
• Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
• Add X-Content-Type-Options: nosniff
• Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
• Consider adding Permissions-Policy to control browser features

CAA Records (Certificate Authority Authorization)

CAA Records

Not Configured (Any CA can issue certificates)

CAA Issues

• No CAA records configured - any CA can issue certificates

Recommendations

• Implement CAA records to restrict which CAs can issue certificates for your domain
• This adds an extra layer of security against unauthorized certificate issuance
• Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
• Consider adding 'iodef' record to receive security incident reports

Subject Alternative Names

100 domains

mohamedashraf.tech

Other domains in certificate

taxcellence.aaddress.in

www.addiits.com

memory-card-game.aonikenk.dev

applife.app

apxschool.org

www.artiedaguifi.net

auditechme.com

austin-kothig.ca

axislaw.pk

gf.baebae.app

contractmonitor-test.bce.dev

board.bprslantabur.id

www.briananderson.xyz

capeair.co.uk

auth.careerdose.com

www.commerce2b.com

www.diamondslotto.com

digital.email

admin.dondeviajamos.es

www.dousee.ai

link.downatdart.me

dragondevs.net

ezpop.info

print.famm.us

fineart.hk

futsniperbot.com

www.gisjohnsonautolocksmith.com

pay.plantly1.gr4vy.app

lamda.graduategowning.co.uk

cloud.gridfusion.energy

admin.gurudeals.fr

henchmenskis.ca

www.idnkhtw.space

iroes.net

links.itrackbrasil.com.br

m.join-titi.com

a.kaisgolfguide.de

liderazgogerencial.com.mx

www.fitnesstracker.linkpc.net

larf-emp.livearf.com

link.app.locapi.jp

free-storage.luwaktech.com

www.magestralia.net

www.marshowapp.com

www.mdenterprisesglobal.com

www.mdln.live

www.mohammed-najib.me

mr-dengi.ru

myticketprice.com

www.nathanayele.com

tools.nectarition.jp

app.dev.nexusware.ai

ofo-inc.jp

ohkrao.com

links.olapodcasts.com

staging.onetable.org

www.onthymepersonalchef.com

auth.piksapp.de

www.pracowniagosia.pl

projectspulse.com

www.proleapgroup.com

tercon.qitech.digital

neuropath.rcaic.com

reproneetlearning.com

qa.playlist.riffbox.app

crm.rightyon.com

www.ruben-oliveira.com

dev.seanmcquaide.com

setsuna.co.uk

biowise.simpfo.in

smartenergy-co.uk

invite-stg.snappers.tv

lp.sogyoweb.com

quest.sparber.net

www.spontankonzert.de

metisdemo.stepinsight.com.au

www.storeshots.net

stshenoudachurchfl.org www.stshenoudachurchfl.org

techsnack.xyz

the-satan.xyz

www.theartofcorr.com

app.thedjsvault.com

theothercompany.nl

timvermaercke.be

truckr.me

tuma.lol

heron.tunji.dev

tutproduce.com

tvslosa.org

velosyselectronics.com

partner.vnetwork.vn

link.vuexr.com

swing-speed-radar.watchitgolf.com

directboeken.weloveoldtimers.nl

artificial-intelligence.wiiit.site

williamsykes.co.za

z-stack.by