SSL Certificate Analysis for nabarry.com - Security Grade & TLS Configuration

Open Cached · just now

77/100 SECURITY SCORE

Certificate Information

Subject

CN=copiloto-claromulti.inspiring.marketing

Issuer

C=US, O=Google Trust Services, CN=WR3

Valid From

January 21, 2026

Valid Until

April 21, 2026 86 days

Public Key

RSA 2048 bit Adequate

Signature Algorithm

SHA256-RSA

SHA-256 Fingerprint

71:BA:5B:C4:9D:31:E6:2B:F2:4F:CB:6A:56:35:08:53:23:24:1A:77:EA:0C:24:73:B7:76:7C:BF:E9:AB:AA:7A

Alternative Names

100 domains

Security Configuration

TLS Protocols

TLS 1.2 TLS 1.3

Forward Secrecy

Supported (Modern clients use PFS)

HTTP Security Headers

Status

Strict-Transport-Security

Present

max-age=31556926

Content-Security-Policy

Missing

Not configured

X-Frame-Options

Missing

Not configured

X-Content-Type-Options

Missing

Not configured

Referrer-Policy

Missing

Not configured

Permissions-Policy

Missing

Not configured

Recommendations

• Increase HSTS max-age to at least 1 year and add includeSubDomains
• Add Content-Security-Policy header to prevent XSS attacks
• Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
• Add X-Content-Type-Options: nosniff
• Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
• Consider adding Permissions-Policy to control browser features

CAA Records (Certificate Authority Authorization)

CAA Records

Not Configured (Any CA can issue certificates)

CAA Issues

• No CAA records configured - any CA can issue certificates

Recommendations

• Implement CAA records to restrict which CAs can issue certificates for your domain
• This adds an extra layer of security against unauthorized certificate issuance
• Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
• Consider adding 'iodef' record to receive security incident reports

Subject Alternative Names

100 domains

nabarry.com

Other domains in certificate

bdr-cert.3dcloud.io

app.addrobots.com

aigurutech.com

test.ailetic.app

portal.apedental.com

volts.energia.app.br

www.audioreign.com

bachrony.com

bauunternehmen-wardenburg.de

www.blestapp.com

boardgamehaven.com

buymusic.cm

www.charliepark.com

www.kangarooscaffolding.co.tz

www.code-breakfast.com

collabli.app

crm.lyib.com.tw

www.deeplink.com.br

dehofconcerten.be

essitreehop.designbridge.com

www.draw-line.com

www.dszwarc.pl

eetbaaronkruid.be

elevenna.com

covid19-staging.emailmeter.com

www.emlarquitecturatecnica.com

l.enjoi.app

app.enmovimientofitnessestudio.com

missioncontrol.enoram.app

estudante.website

blu.evnto.it

festnow.com.br

www.freshtab.net

fullstackpiyush.com

jobs.gci-digital.com

www.ghaines.net

goatedchess.com

www.granis.nu

nerdnews.grupodantass.com.br

www.halsovis.se

pos.hancod.com

api.havit.app

www.hedgehogsoftware.co

skegnet.hughedwards.dev

icelabz.co.uk

implex.io

copiloto-claromulti.inspiring.marketing

www.kalugi.com.au

bbtag.keeponrock.in

playground.kentliau.com

www.kiransavaria.in

kubrikdigital.com

www.leuk.app

liamkey.com

modes.liamsellers.com

blog.matematykagryzie.pl

mathuno.com

mayerseidman.com

static.mp.mediaonetv.in

faq.mediq.com.au

chat.meditatii.ro chat.staging.meditatii.ro

mikeandjoan.site

appopen.mindyou.app

nutriplan.minhtran.tech

www.moderna-virtual.us

mustlovemelissa.com

neet.academy

neod.com

app.ottaaproject.com

patrol-paris.com

agence-demo.phoenix-dz.com

gallery.pixiteapps.com

www.procpro.com.br

produvarovs.com

canteen.prospectintschool.com

psimpel.se

ptfinder.app

radactive.com

www.realtimetypeapprovals.com

wingss-dev.rentoso.cl

www.rollscroll.org

www.seis8.com

www.simplyadvanced.net

skylinevision.ai

zakaznik.acc.stammgast.cz

stenskjaer.net

stoutr.app

11496133.stratics.io

loan-calc.sushiljainam.com

sicher-testen.triply.ai

pica.turnosweb.app

www.varunpandey.net

www.vemsagerdet.se

emaile.wanke.jetzt

portal.websensum.com

wyverald.me

www.yuunwateralarms.com

resume.zipvc.com