SSL Certificate Analysis for projects.lawyerd.com - Security Grade & TLS Configuration

Open Cached · just now

76/100 SECURITY SCORE

Detected Technologies

See all in URL Inspect 1

Let's Encrypt

Certificate Information

Subject

CN=insurersdirect.com

Issuer

C=US, O=Let's Encrypt, CN=R13

Valid From

December 19, 2025

Valid Until

March 19, 2026 32 days

Public Key

RSA 4096 bit Strong

Signature Algorithm

SHA256-RSA

SHA-256 Fingerprint

E7:F2:45:F9:CD:5C:55:84:29:D8:6A:66:5D:B1:39:38:BA:9D:FC:93:E8:61:A3:E2:A2:F7:03:AE:C3:6B:9B:23

Alternative Names

90 domains

Security Configuration

TLS Protocols

TLS 1.2 TLS 1.3

Forward Secrecy

Supported (Modern clients use PFS)

HTTP Security Headers

Status

Strict-Transport-Security

Missing

Not configured

Content-Security-Policy

Missing

Not configured

X-Frame-Options

Missing

Not configured

X-Content-Type-Options

Missing

Not configured

Referrer-Policy

Missing

Not configured

Permissions-Policy

Missing

Not configured

Recommendations

• Add Strict-Transport-Security header with max-age of at least 1 year
• Add Content-Security-Policy header to prevent XSS attacks
• Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
• Add X-Content-Type-Options: nosniff
• Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
• Consider adding Permissions-Policy to control browser features

CAA Records (Certificate Authority Authorization)

CAA Records

Not Configured (Any CA can issue certificates)

CAA Issues

• No CAA records configured - any CA can issue certificates

Recommendations

• Implement CAA records to restrict which CAs can issue certificates for your domain
• This adds an extra layer of security against unauthorized certificate issuance
• Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
• Consider adding 'iodef' record to receive security incident reports

Subject Alternative Names

90 domains

lawyerd.com *.lawyerd.com *.blogs.lawyerd.com *.cp.lawyerd.com *.forum.lawyerd.com *.sentry.lawyerd.com *.sora.lawyerd.com

Other domains in certificate

acbsnews.com *.acbsnews.com *.ww38.acbsnews.com

autoreservations.com *.autoreservations.com *.shop.autoreservations.com *.site.autoreservations.com *.store.autoreservations.com

bebefitscal.com *.bebefitscal.com

blend-halldis.com *.blend-halldis.com

braune-flecken-auf-der-haut.de *.braune-flecken-auf-der-haut.de *.ww38.braune-flecken-auf-der-haut.de

*.alpha.churchless.tech *.beta-flow.churchless.tech *.beta.churchless.tech *.bypass.churchless.tech churchless.tech *.churchless.tech *.cicd.churchless.tech *.cymraeg.churchless.tech *.demo.churchless.tech *.example.churchless.tech *.free.churchless.tech *.git.churchless.tech *.helloworld.churchless.tech *.integration.churchless.tech *.iv.churchless.tech *.livechat.churchless.tech *.preprod.churchless.tech *.s2.churchless.tech *.stop-using-long-branchnames.churchless.tech *.superset.churchless.tech *.team-9-client-project-development.churchless.tech *.team-9-client-project-email-notify.churchless.tech *.team-9-client-project.churchless.tech *.team9-w.churchless.tech *.test.churchless.tech *.uat.churchless.tech *.velsh.churchless.tech *.whisper.churchless.tech *.wiki.churchless.tech *.ww38.churchless.tech

currycollege.com *.currycollege.com *.ww1.currycollege.com

*.b2b.dtatefarm.com dtatefarm.com *.dtatefarm.com

farmaciashollywood.com *.farmaciashollywood.com *.ww25.farmaciashollywood.com *.ww38.farmaciashollywood.com

*.b7cdac1d-f1cd-40d6-ac87-0b8f02005c92.honmaya.com honmaya.com *.honmaya.com *.hostmaster.honmaya.com *.smtp.honmaya.com *.wildcard.honmaya.com

*.demos.insurersdirect.com insurersdirect.com *.insurersdirect.com *.mobile.insurersdirect.com *.se.insurersdirect.com *.v2.insurersdirect.com

nation.uk *.nation.uk *.ncrs.nation.uk

stablecoin.studio *.stablecoin.studio *.ww25.stablecoin.studio *.ww38.stablecoin.studio

*.iwins.tf88casino.vip tf88casino.vip *.tf88casino.vip *.ww25.tf88casino.vip *.www.tf88casino.vip *.xosomega.tf88casino.vip

uynea.com *.uynea.com *.ww25.uynea.com