SSL Certificate Analysis for nginel.com - Security Grade & TLS Configuration

Open Cached · just now

77/100 SECURITY SCORE

Certificate Information

Subject

CN=filimonssb.com

Issuer

C=US, O=Google Trust Services, CN=WR3

Valid From

October 06, 2025

Valid Until

January 04, 2026 52 days

Public Key

RSA 2048 bit Adequate

Signature Algorithm

SHA256-RSA

SHA-256 Fingerprint

FB:AC:BD:75:26:42:9D:9E:27:AC:EB:54:AE:D4:D8:65:12:D3:68:47:37:B6:B9:4F:F3:0E:3E:E7:FF:43:8E:06

Alternative Names

100 domains

Security Configuration

TLS Protocols

TLS 1.2 TLS 1.3

Forward Secrecy

Supported (Modern clients use PFS)

HTTP Security Headers

Status

Strict-Transport-Security

Present

max-age=31556926

Content-Security-Policy

Missing

Not configured

X-Frame-Options

Missing

Not configured

X-Content-Type-Options

Missing

Not configured

Referrer-Policy

Missing

Not configured

Permissions-Policy

Missing

Not configured

Recommendations

• Increase HSTS max-age to at least 1 year and add includeSubDomains
• Add Content-Security-Policy header to prevent XSS attacks
• Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
• Add X-Content-Type-Options: nosniff
• Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
• Consider adding Permissions-Policy to control browser features

CAA Records (Certificate Authority Authorization)

CAA Records

Not Configured (Any CA can issue certificates)

CAA Issues

• No CAA records configured - any CA can issue certificates

Recommendations

• Implement CAA records to restrict which CAs can issue certificates for your domain
• This adds an extra layer of security against unauthorized certificate issuance
• Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
• Consider adding 'iodef' record to receive security incident reports

Subject Alternative Names

100 domains

nginel.com

Other domains in certificate

firebase-test.alapaapp.tech

www.alcantaradevelopment.com

console-legacy.ampify.io

aniyaaedition.com

www.arity51.com

google.asmat.app

additivesynth.awakening.systems

e.betodemy.com

bgsisson.com

alpha.bitpack.me

member.blackbeltbarrister.com

www.calstec.com

chetandoes.dev

www.grandresidency.co.in

checkers.cole-cirillo.com

collinandrachel.com

www.dashrelease.com

www.dbheavymechanical.com

travel.decodedetroit.com

prayertimes.deeniyat.com

konst.dryg.net

enfochannel.com

fabioluiz.com www.fabioluiz.com

mint.fadeawaybunny.com

filimonssb.com

myma.flexm.com

funkyrecipes.dev

docs.gosbi.com

www.heptasec.com

www.heptasecurity.com

www.hmkautoparts.com

www.hoadaoden.com

padmin.huaysodyeekee.com

iapt.app

luutuanhung-20225131.id.vn

www.indosweetjn.com

insane-mag.com

intersectinnovations.com

into-asia.com

www.kalpkari.com

kasyafbina.com

www.kawtharzahid.com

tao.kayac.com

www.kitmate.app

komunumos.com

micro-credit.lewifinance.com

lukasschimmer.com

stagingsyndicate.lvxventures.com

www.lwolczynski.com

malaysiafitness.com

www.malitht.com

mancadeiros.com

vip.manontoday.com

www.maxeverest.dev

habit.maxyspark.me

mazalove.com

cre8-alpha.mckaybonham.com

michaelrissover.com

app.mue.micromal.org

millburytechnologies.com

www.motrou.com

mountaintopadvisors.com

naomi.nadiv.us

wordhunt.nathangillispie.work

fifth.neoufitness.com

nexgeninnovation.com

nilaisolutions.com

www.omargallo.com

lessons.orai.com

parabarshipping.com

www.parqo.com

www.pixelscope.com

premierconcreteutah.com

pxtwelve.com

prod.qokoon.com

rajagurucrackers.com

realpartyinfo.com

riply.app

savviersoftware.com

starfruit.scjalliance.com

admin.sglcertified.com

www.smartsurveywork.com

uaalivepoll.sqwadhq.com

strifehomes.com

stulzcdu.com

amr-kwt-kfc-kiosk.supersonic-fm.com

syntechtical.com

www.tanukabhadra.com

teamluzi.com

thelidholms.com

thethirdeyecapital.com

tulos.ai

ufaeasy888.com

verdanaev.com

vintecdecantanddine.com

app.vojo.com.br

weenpharma.com

website.zychin.com