SSL Certificate Analysis for ng.chymaanthony.com - Security Grade & TLS Configuration

Open Cached · just now

76/100 SECURITY SCORE

Detected Technologies

See all in URL Inspect 1

Let's Encrypt

Certificate Information

Subject

CN=find-online-automated-mental-testing-se.sbs

Issuer

C=US, O=Let's Encrypt, CN=R13

Valid From

April 13, 2026

Valid Until

July 12, 2026 50 days

Public Key

RSA 4096 bit Strong

Signature Algorithm

SHA256-RSA

SHA-256 Fingerprint

6E:78:6D:F4:E8:CE:A3:CA:7D:D8:68:45:E3:E4:1C:5D:61:97:AC:DA:1A:76:04:DF:C7:4E:41:39:9A:51:90:5F

Alternative Names

90 domains

Security Configuration

TLS Protocols

TLS 1.2 TLS 1.3

Forward Secrecy

Supported (Modern clients use PFS)

HTTP Security Headers

Status

Strict-Transport-Security

Missing

Not configured

Content-Security-Policy

Missing

Not configured Analyze

Content-Security-Policy-Report-Only

Missing

Not configured Analyze

X-Frame-Options

Missing

Not configured

X-Content-Type-Options

Missing

Not configured

Referrer-Policy

Missing

Not configured

Permissions-Policy

Missing

Not configured

Recommendations

• Add Strict-Transport-Security header with max-age of at least 1 year
• Add Content-Security-Policy header to prevent XSS attacks
• Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
• Add X-Content-Type-Options: nosniff
• Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
• Consider adding Permissions-Policy to control browser features

CAA Records (Certificate Authority Authorization)

CAA Records

Not Configured (Any CA can issue certificates)

CAA Issues

• No CAA records configured - any CA can issue certificates

Recommendations

• Implement CAA records to restrict which CAs can issue certificates for your domain
• This adds an extra layer of security against unauthorized certificate issuance
• Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
• Consider adding 'iodef' record to receive security incident reports

Subject Alternative Names

90 domains

chymaanthony.com *.chymaanthony.com

Other domains in certificate

chessdojo.com *.chessdojo.com

choosylist.com *.choosylist.com

cloondara.com *.cloondara.com

coagen.com *.coagen.com

computer-networking-answers-345.sbs *.computer-networking-answers-345.sbs

conzerol.com *.conzerol.com

copoint.tech *.copoint.tech

crownmate.com *.crownmate.com

ctlhub.com *.ctlhub.com

currygame.com *.currygame.com

datamagicians.com *.datamagicians.com

deepzoo.com *.deepzoo.com

designcraftstudio.com *.designcraftstudio.com

deviceloop.com *.deviceloop.com

dreamsiteco.com *.dreamsiteco.com

dropgrid.com *.dropgrid.com

dynamicinterventions.com *.dynamicinterventions.com

edbotics.com *.edbotics.com

electronictongue.com *.electronictongue.com

elephantarmy.com *.elephantarmy.com

elvonet.com *.elvonet.com

english-courses-uae.sbs *.english-courses-uae.sbs

expungeme.com *.expungeme.com

eye-bag-surgery-0412.sbs *.eye-bag-surgery-0412.sbs

facultybot.com *.facultybot.com

fastloving.com *.fastloving.com

fearlessfreedom.com *.fearlessfreedom.com

find-online-automated-mental-testing-se.sbs *.find-online-automated-mental-testing-se.sbs

florentmoglia.com *.florentmoglia.com

fluvid.com *.fluvid.com

framekart.com *.framekart.com

gadgetsduniya.com *.gadgetsduniya.com

gaybangboy.com *.gaybangboy.com

generalcounseljobs.com *.generalcounseljobs.com

getteamhiredlabs.com *.getteamhiredlabs.com

getunderground.com *.getunderground.com

glareless.com *.glareless.com

gogugu.com *.gogugu.com

gronfira.cfd *.gronfira.cfd

gulfofamericamap.com *.gulfofamericamap.com

hannahsappliances.com *.hannahsappliances.com

hiveminer.com *.hiveminer.com

hvacjob-ca13.sbs *.hvacjob-ca13.sbs

ibnhayyan.com *.ibnhayyan.com