SSL Certificate Analysis for ssh.givetrips.com - Security Grade & TLS Configuration

Open Cached · just now

76/100 SECURITY SCORE

Detected Technologies

See all in URL Inspect 1

Let's Encrypt

Certificate Information

Subject

CN=carcenter.co

Issuer

C=US, O=Let's Encrypt, CN=R12

Valid From

February 24, 2026

Valid Until

May 25, 2026 87 days

Public Key

RSA 4096 bit Strong

Signature Algorithm

SHA256-RSA

SHA-256 Fingerprint

4C:D9:A7:BE:35:11:09:F6:96:BE:EF:4A:05:70:8E:47:49:F7:AF:C6:D2:E9:40:83:29:EB:47:60:4A:32:5D:3B

Alternative Names

90 domains

Security Configuration

TLS Protocols

TLS 1.2 TLS 1.3

Forward Secrecy

Supported (Modern clients use PFS)

HTTP Security Headers

Status

Strict-Transport-Security

Missing

Not configured

Content-Security-Policy

Missing

Not configured Analyze

Content-Security-Policy-Report-Only

Missing

Not configured Analyze

X-Frame-Options

Missing

Not configured

X-Content-Type-Options

Missing

Not configured

Referrer-Policy

Missing

Not configured

Permissions-Policy

Missing

Not configured

Recommendations

• Add Strict-Transport-Security header with max-age of at least 1 year
• Add Content-Security-Policy header to prevent XSS attacks
• Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
• Add X-Content-Type-Options: nosniff
• Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
• Consider adding Permissions-Policy to control browser features

CAA Records (Certificate Authority Authorization)

CAA Records

Not Configured (Any CA can issue certificates)

CAA Issues

• No CAA records configured - any CA can issue certificates

Recommendations

• Implement CAA records to restrict which CAs can issue certificates for your domain
• This adds an extra layer of security against unauthorized certificate issuance
• Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
• Consider adding 'iodef' record to receive security incident reports

Subject Alternative Names

90 domains

givetrips.com *.givetrips.com

Other domains in certificate

03825.co *.03825.co

17548.lgbt *.17548.lgbt

33yyjj.cc *.33yyjj.cc

42452.co *.42452.co

43377cc.com *.43377cc.com

608sf.cc *.608sf.cc

66965.co *.66965.co

6u66.co *.6u66.co

79560.co *.79560.co

833.biz *.833.biz

83460.cc *.83460.cc

84841.work *.84841.work

87040.co *.87040.co

929444.top *.929444.top

9973.loan *.9973.loan

99yykk.cc *.99yykk.cc

9fzyouku9tt8s.top *.9fzyouku9tt8s.top

a56x.cc *.a56x.cc

aectsz.cc *.aectsz.cc

agenticbet.world *.agenticbet.world

btcfitoken.com *.btcfitoken.com

carcenter.co *.carcenter.co

careforlifee.com *.careforlifee.com

sunyear.com.cn *.sunyear.com.cn

coworking-space-near-mb5.click *.coworking-space-near-mb5.click

dqetaobao3txcq.top *.dqetaobao3txcq.top

gamble-lucky-money.xyz *.gamble-lucky-money.xyz

hs97l.xyz *.hs97l.xyz

hs99h.xyz *.hs99h.xyz

kios77shop.com *.kios77shop.com

moviebuff.me *.moviebuff.me

mpgn.xyz *.mpgn.xyz

mslot99com.pro *.mslot99com.pro

pitoken.org *.pitoken.org

platestands.co.uk *.platestands.co.uk

propriomarche.net *.propriomarche.net

richtek.co.za *.richtek.co.za

seeuec.com *.seeuec.com

shops2.cc *.shops2.cc

tomalesca.com *.tomalesca.com

westernpacificpainting.com *.westernpacificpainting.com

wwwmyyl.me *.wwwmyyl.me

wxd-cabinet.com *.wxd-cabinet.com

yvrsc.academy *.yvrsc.academy