SSL Certificate Analysis for plataforma.fedecuy.org - Security Grade & TLS Configuration

Open Cached · just now

77/100 SECURITY SCORE

Certificate Information

Subject

CN=maps.stanojkovic.com

Issuer

C=US, O=Google Trust Services, CN=WR3

Valid From

October 11, 2025

Valid Until

January 09, 2026 47 days

Public Key

RSA 2048 bit Adequate

Signature Algorithm

SHA256-RSA

SHA-256 Fingerprint

4A:1C:17:E1:95:6D:A8:74:69:5C:2A:D0:8C:F0:0C:60:9F:D4:BD:4A:2E:27:8D:A1:66:D4:71:87:10:D6:AE:15

Alternative Names

100 domains

Security Configuration

TLS Protocols

TLS 1.2 TLS 1.3

Forward Secrecy

Supported (Modern clients use PFS)

HTTP Security Headers

Status

Strict-Transport-Security

Present

max-age=31556926

Content-Security-Policy

Missing

Not configured

X-Frame-Options

Missing

Not configured

X-Content-Type-Options

Missing

Not configured

Referrer-Policy

Missing

Not configured

Permissions-Policy

Missing

Not configured

Recommendations

• Increase HSTS max-age to at least 1 year and add includeSubDomains
• Add Content-Security-Policy header to prevent XSS attacks
• Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
• Add X-Content-Type-Options: nosniff
• Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
• Consider adding Permissions-Policy to control browser features

CAA Records (Certificate Authority Authorization)

CAA Records

Not Configured (Any CA can issue certificates)

CAA Issues

• No CAA records configured - any CA can issue certificates

Recommendations

• Implement CAA records to restrict which CAs can issue certificates for your domain
• This adds an extra layer of security against unauthorized certificate issuance
• Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
• Consider adding 'iodef' record to receive security incident reports

Subject Alternative Names

100 domains

plataforma.fedecuy.org

Other domains in certificate

1seoaudit.com

hdd-demo-2.5loyalty.com

aemudm.ca

www.alzaidy.sa

annasolecka.com

anpulse.com

stg.app.any-x.com

appres.org

amfam-cfr-stage.askkodiak.com

eventit.asmz.beer

link.audactive.com

avatarsmith.com

staging.link.awarefy.app

www.bb-brindille.be

bbbk.at

www.beatrust.com

www.app.becovalent.co.uk

bossmydata.com

bplarmy.com

www.brareytv.com

brunjar.com

budaminof.com

studio.caleido.dk

firebaseapp.carfinance2u.co.nz

pm-soa.cebulandmasters.com

christophermckimmie.com

ayo.coca-cola.co.id

loaf.co.ug

codju.com

esmaduran.com.tr

creatoradar.com

qa-elysium.datalakehouse.io

www.delfspec.com

digilege.no

www.doomedtosucceed.co

easyworkbelgium.be

elparqueo.com

ericsqualitycleaning.com

esense-muscle.com

avanza.estudio.app

facetherapie.com

familymenuplanner.com

ts.fleet.ph

genu-systems.com

www.gerlipp.com

germancappuccino.com

www.gibigroup.eu

map.gnada.si

harem.one

harosec.com

app.staging.illust.space

app.imobiliariamarques.com.br

tracksugode.infomega.biz

keimeasy.com

khriiistosarcana.app

www.kpis.tech

leman.blog

lgenera.com

www.louhde.tech

marotivendeghazak.hu

internationalization.mathematikoi.co

ticket.mcom.app

m.meestory.com

tele.micrm.vn

insa-challenge.minhnn.fr

geotagger.mistybits.com

www.mitrov.dev

pubenq.mmrstg.com

juragan-dev.moneyz.id

mukbangshows.com

www.neverland.finance

www.onatsoftware.com

onlinecodingtools.com

sudo.org.za

firebase.pausi.id

www.praveenassociates.co

www.project44.app

www.proto.com.br

rasmus.productions

www.richharrison.dev

rizzorts.com

rogersteinbakk.no

www.sabor-a-peru.com

www.saja.se

santm.com

app.silver-smok.com

maps.stanojkovic.com

storier.us

tools.sweetbirdsuites.com

www.techitunes.com

student.techokids.com

sso.thatch.co

www.thyroidclinic.com

docs.totalum.app

www.tracking.education

virtutech.in

vmilinkplan.vmi-technologies.com

admin.gctjapan.wowdesk.jp

yaashnagupta.com