SSL Certificate Analysis for simons.freshservice.co - Security Grade & TLS Configuration

Open Cached · just now

76/100 SECURITY SCORE

Detected Technologies

See all in URL Inspect 1

Let's Encrypt

Certificate Information

Subject

CN=voiceswest.net

Issuer

C=US, O=Let's Encrypt, CN=R13

Valid From

May 15, 2026

Valid Until

August 13, 2026 70 days

Public Key

RSA 4096 bit Strong

Signature Algorithm

SHA256-RSA

SHA-256 Fingerprint

52:DF:CC:F8:95:C7:F6:F7:70:2E:2E:0C:4A:8F:86:92:DA:FE:C8:9B:92:74:7C:05:69:A1:A7:03:64:A1:D7:F0

Alternative Names

90 domains

Security Configuration

TLS Protocols

TLS 1.2 TLS 1.3

Forward Secrecy

Supported (Modern clients use PFS)

HTTP Security Headers

Status

Strict-Transport-Security

Missing

Not configured

Content-Security-Policy

Missing

Not configured Analyze

Content-Security-Policy-Report-Only

Missing

Not configured Analyze

X-Frame-Options

Missing

Not configured

X-Content-Type-Options

Missing

Not configured

Referrer-Policy

Missing

Not configured

Permissions-Policy

Missing

Not configured

Recommendations

• Add Strict-Transport-Security header with max-age of at least 1 year
• Add Content-Security-Policy header to prevent XSS attacks
• Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
• Add X-Content-Type-Options: nosniff
• Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
• Consider adding Permissions-Policy to control browser features

CAA Records (Certificate Authority Authorization)

CAA Records

Not Configured (Any CA can issue certificates)

CAA Issues

• No CAA records configured - any CA can issue certificates

Recommendations

• Implement CAA records to restrict which CAs can issue certificates for your domain
• This adds an extra layer of security against unauthorized certificate issuance
• Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
• Consider adding 'iodef' record to receive security incident reports

Subject Alternative Names

90 domains

freshservice.co *.freshservice.co

Other domains in certificate

002222.co *.002222.co

27382195.vip *.27382195.vip

33194.blog *.33194.blog

4333414e.vip *.4333414e.vip

450457.one *.450457.one

484681.vip *.484681.vip

579831.loan *.579831.loan

61390.mobi *.61390.mobi

64059.co *.64059.co

78399.co *.78399.co

83271.co *.83271.co

911198.app *.911198.app

aiquant8.vip *.aiquant8.vip

birdcrap.com *.birdcrap.com

bv6npx.org *.bv6npx.org

bymichele.com *.bymichele.com

cbal.co.kr *.cbal.co.kr

cbdc.life *.cbdc.life

choosehelixia.pro *.choosehelixia.pro

christopherngili.com *.christopherngili.com

citsmerger.finance *.citsmerger.finance

cloudpulsecore.xyz *.cloudpulsecore.xyz

cosmic-techhub.xyz *.cosmic-techhub.xyz

dentalista.es *.dentalista.es

dewagacor89.cfd *.dewagacor89.cfd

dmabe.com *.dmabe.com

galaxychallenge217.top *.galaxychallenge217.top

h5h8.art *.h5h8.art

hellotrial.com *.hellotrial.com

j1gezktf.top *.j1gezktf.top

j5braes5.top *.j5braes5.top

ma456.cn *.ma456.cn

nemstein.motorcycles *.nemstein.motorcycles

nirjdeva.com *.nirjdeva.com

pintu-buy138.xyz *.pintu-buy138.xyz

poaqcif.com *.poaqcif.com

pornfirm.com *.pornfirm.com

qfqpkx.cc *.qfqpkx.cc

sfh35.icu *.sfh35.icu

smartcompasspro.xyz *.smartcompasspro.xyz

tasks-aimour.xyz *.tasks-aimour.xyz

voiceswest.net *.voiceswest.net

vtmfig.qpon *.vtmfig.qpon

w13727692.com *.w13727692.com