SSL Certificate Analysis for scschool.org - Security Grade & TLS Configuration

Open Cached · just now

76/100 SECURITY SCORE

Detected Technologies

See all in URL Inspect 1

Let's Encrypt Active incidents

Certificate Information

Subject

CN=pinterist.com

Issuer

C=US, O=Let's Encrypt, CN=R12

Valid From

May 21, 2026

Valid Until

August 19, 2026 60 days

Public Key

RSA 4096 bit Strong

Signature Algorithm

SHA256-RSA

SHA-256 Fingerprint

10:E7:8F:9A:AC:FB:3A:6D:4E:D7:DE:73:F4:B7:47:D2:26:57:43:0E:E1:AA:5C:71:67:85:0C:1F:29:E6:FF:6B

Alternative Names

88 domains

Security Configuration

TLS Protocols

TLS 1.2 TLS 1.3

Forward Secrecy

Supported (Modern clients use PFS)

HTTP Security Headers

Status

Strict-Transport-Security

Missing

Not configured

Content-Security-Policy

Missing

Not configured Analyze

Content-Security-Policy-Report-Only

Missing

Not configured Analyze

X-Frame-Options

Missing

Not configured

X-Content-Type-Options

Missing

Not configured

Referrer-Policy

Missing

Not configured

Permissions-Policy

Missing

Not configured

Recommendations

• Add Strict-Transport-Security header with max-age of at least 1 year
• Add Content-Security-Policy header to prevent XSS attacks
• Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
• Add X-Content-Type-Options: nosniff
• Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
• Consider adding Permissions-Policy to control browser features

CAA Records (Certificate Authority Authorization)

CAA Records

Not Configured (Any CA can issue certificates)

CAA Issues

• No CAA records configured - any CA can issue certificates

Recommendations

• Implement CAA records to restrict which CAs can issue certificates for your domain
• This adds an extra layer of security against unauthorized certificate issuance
• Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
• Consider adding 'iodef' record to receive security incident reports

Subject Alternative Names

88 domains

scschool.org *.scschool.org *.cougarbots.scschool.org *.ww38.scschool.org

Other domains in certificate

156755.com *.156755.com *.bbbb.156755.com *.eat.156755.com *.lpd.156755.com *.m.156755.com *.niz.156755.com *.rms.156755.com *.shop16443434.156755.com *.shop37143958.156755.com *.shop39388422.156755.com *.shop44254999.156755.com *.shop59361751.156755.com *.teg.156755.com

*.admin.etransfert.it *.demo.etransfert.it *.dev.etransfert.it etransfert.it *.etransfert.it *.owa.etransfert.it

*.100.familytraveladventures.xyz familytraveladventures.xyz *.familytraveladventures.xyz

*.api.foodpics.it *.app.foodpics.it *.bi.foodpics.it *.dashboard.foodpics.it *.dashs.foodpics.it foodpics.it *.foodpics.it *.metrics.foodpics.it *.mx.foodpics.it *.qbwhlhostmaster.foodpics.it *.staging.foodpics.it

infyplus88.pro *.infyplus88.pro *.p67jaz.infyplus88.pro

*.fa2tlk.ize555.blog ize555.blog *.ize555.blog

*.b2cw-dev2-live-us.msccruises.co *.careers.msccruises.co *.e.msccruises.co *.expressway01.msccruises.co *.expresswayus01.msccruises.co *.expresswayus02.msccruises.co *.go.msccruises.co *.info.msccruises.co msccruises.co *.msccruises.co *.stage-za.msccruises.co

*.ch.p060760w3e4r85okcisndi1e2ngsp.top *.munijbks.p060760w3e4r85okcisndi1e2ngsp.top p060760w3e4r85okcisndi1e2ngsp.top *.p060760w3e4r85okcisndi1e2ngsp.top

*.app.pinbox.it *.dashboard.pinbox.it pinbox.it *.pinbox.it

pinterist.com *.pinterist.com *.www.pinterist.com

*.api.rtp-gasing777.shop *.app.rtp-gasing777.shop *.bigboss.rtp-gasing777.shop *.boss.rtp-gasing777.shop *.dev.rtp-gasing777.shop *.home.rtp-gasing777.shop *.m.rtp-gasing777.shop *.mobile.rtp-gasing777.shop *.news.rtp-gasing777.shop rtp-gasing777.shop *.rtp-gasing777.shop *.wap.rtp-gasing777.shop *.web.rtp-gasing777.shop

*.jla28.workamplifyymagnet.info *.p48v2d.workamplifyymagnet.info *.sjla28.workamplifyymagnet.info workamplifyymagnet.info *.workamplifyymagnet.info

*.cloud.xn--9kqs48e.com *.nk4p8k.xn--9kqs48e.com xn--9kqs48e.com *.xn--9kqs48e.com