SSL Certificate Analysis for saltsoftware.io - Security Grade & TLS Configuration

Open Cached · just now

77/100 SECURITY SCORE

Certificate Information

Subject

CN=www.wahajhassan.com

Issuer

C=US, O=Google Trust Services, CN=WR3

Valid From

November 24, 2025

Valid Until

February 22, 2026 85 days

Public Key

RSA 2048 bit Adequate

Signature Algorithm

SHA256-RSA

SHA-256 Fingerprint

D8:7E:71:2F:A0:19:34:19:88:7A:02:9B:76:4D:DA:7C:73:44:14:FA:A6:81:1D:9E:D8:02:7A:25:EF:B5:DD:37

Alternative Names

100 domains

Security Configuration

TLS Protocols

TLS 1.2 TLS 1.3

Forward Secrecy

Supported (Modern clients use PFS)

HTTP Security Headers

Status

Strict-Transport-Security

Present

max-age=31556926

Content-Security-Policy

Missing

Not configured

X-Frame-Options

Missing

Not configured

X-Content-Type-Options

Missing

Not configured

Referrer-Policy

Missing

Not configured

Permissions-Policy

Missing

Not configured

Recommendations

• Increase HSTS max-age to at least 1 year and add includeSubDomains
• Add Content-Security-Policy header to prevent XSS attacks
• Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
• Add X-Content-Type-Options: nosniff
• Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
• Consider adding Permissions-Policy to control browser features

CAA Records (Certificate Authority Authorization)

CAA Records

Not Configured (Any CA can issue certificates)

CAA Issues

• No CAA records configured - any CA can issue certificates

Recommendations

• Implement CAA records to restrict which CAs can issue certificates for your domain
• This adds an extra layer of security against unauthorized certificate issuance
• Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
• Consider adding 'iodef' record to receive security incident reports

Subject Alternative Names

100 domains

saltsoftware.io

Other domains in certificate

aajtak.link

amnistiegj.fr

amplisend.com

app.appfrog.net

store.ashyaat.com

www.astrumgames.com

bilverkstadhjo.se

www.blotzpension.com

www.blushbit.com

t.bovo.dev

delete-account.bozoraka.com

brenshots.com.br

bnc.brown.edu

neat.camberi.com

city-ol-brugg.com

www.closethedoor.com

nimiqvouchers.cryptopayment.link

czarnecki.dev

www.deankiosk.com

galerij.dehooghoveniers.nl

bagnolet-noue.desirsgeographes.com

chatdid.didaticovirtual.com.br

www.dmdice.xyz

q1-myreturns.dpdlocal.co.uk

donut.eaglesvr.us

unifast.edunext.technology

www.escolasagradafamiliacg.com.br

everestbr.com.br

www.f4m0.us

sd.geeniux.com

app.getmemoirs.com

gigmessage.com

app.gymbyst.com

c19.links.healo.app

hilla.design

app.hivepath.io

holdtheholding.com

dev-coverage.hostabee.com

www.icontact.kr

ikigaimediaatl.com

partners.onebangkok.sustainability.in.th

ualberta.inviewer.io

jeterra.io

jnesistemasolarecftv.com.br

joaquinmartinez.mx

latinske-kurzy.cz

www.leo.ovh

demo2.limitly.pl

topic1.lp.lizard-apps.com

scodicms.llgsupport.nl

www.maxiceramicos.com

coopmauricie.megataxi.com

mobilepflege-petker.de

www.murraywlee.com

pic-eeag.mentor-stage.neccton.com

www.observantmusic.com

okie.au

orda.works

osom.tools

link.ownuapp.com

parallellearning.in

www.partnerwithreach.com

www.pretitle.com

trace.purejoyhoney.com

www.qad.fr

roguefairy.com

www.rohitsuratekar.com

sa33.com.br

leftovers.samuelhornsey.com

serverge.io

servesphere.org

serviceji.in

www.servizio-sinistri.it

app.dev.setscale.com

www.skolaindigo.cz

scp2-qa.sms2mkt.com

api.splitit-fs.com

www.blog.sprintso.com

www.stareintothevoid.com

app.stellamart.com

www.streamsoda.live

teletech.se

www.theminutejournal.com

thepeachyplanner.com

xr.think.digital

admin.ti-do.app

www.tonysbriggs.uk

turankerteszet.hu

www.upmov.com

www.urugi-ic.info

useheartbeat.com

ppr.usemason.com

valientesconjesus.com

www.wahajhassan.com

waveringstripes.com

wetheconspirators.com

tourcheck.wieprecht.link

lab.zaigetech.com

zaynbhatti.site

Free Cloud Credits

Get free credits to test cloud platforms