SSL Certificate Analysis for tbdsgr.bindrest.com - Security Grade & TLS Configuration

Open Cached · just now

76/100 SECURITY SCORE

Detected Technologies

See all in URL Inspect 1

Let's Encrypt Active incidents

Certificate Information

Subject

CN=955127.loan

Issuer

C=US, O=Let's Encrypt, CN=YR1

Valid From

June 18, 2026

Valid Until

September 16, 2026 82 days

Public Key

RSA 4096 bit Strong

Signature Algorithm

SHA256-RSA

SHA-256 Fingerprint

35:E1:D9:F1:A7:69:2C:99:85:0F:7E:DA:BC:8E:27:AC:EE:58:C9:A6:3D:EA:B5:6E:D5:77:4F:39:5B:2E:A1:83

Alternative Names

90 domains

Security Configuration

TLS Protocols

TLS 1.2 TLS 1.3

Forward Secrecy

Supported (Modern clients use PFS)

HTTP Security Headers

Status

Strict-Transport-Security

Missing

Not configured

Content-Security-Policy

Missing

Not configured Analyze

Content-Security-Policy-Report-Only

Missing

Not configured Analyze

X-Frame-Options

Missing

Not configured

X-Content-Type-Options

Missing

Not configured

Referrer-Policy

Missing

Not configured

Permissions-Policy

Missing

Not configured

Recommendations

• Add Strict-Transport-Security header with max-age of at least 1 year
• Add Content-Security-Policy header to prevent XSS attacks
• Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
• Add X-Content-Type-Options: nosniff
• Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
• Consider adding Permissions-Policy to control browser features

CAA Records (Certificate Authority Authorization)

CAA Records

Not Configured (Any CA can issue certificates)

CAA Issues

• No CAA records configured - any CA can issue certificates

Recommendations

• Implement CAA records to restrict which CAs can issue certificates for your domain
• This adds an extra layer of security against unauthorized certificate issuance
• Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
• Consider adding 'iodef' record to receive security incident reports

Subject Alternative Names

90 domains

bindrest.com *.bindrest.com

Other domains in certificate

92232.club *.92232.club

93652.one *.93652.one

94518.loan *.94518.loan

955127.loan *.955127.loan

95702.loan *.95702.loan

95705.loan *.95705.loan

95706.loan *.95706.loan

95707.loan *.95707.loan

95709.loan *.95709.loan

97035.club *.97035.club

accessfixsolutions.com *.accessfixsolutions.com

afraone.com *.afraone.com

agedwhiskies.com *.agedwhiskies.com

ahtnp.loan *.ahtnp.loan

aiagentsid.com *.aiagentsid.com

akbqy.loan *.akbqy.loan

ambulances.xyz *.ambulances.xyz

appreplyhq.com *.appreplyhq.com

arisahelthdataincident.com *.arisahelthdataincident.com

art-exp.com *.art-exp.com

artrageousdesserts.com *.artrageousdesserts.com

asful.cn *.asful.cn

asklq.bid *.asklq.bid

asklu.bid *.asklu.bid

askme.blog *.askme.blog

atcon.bid *.atcon.bid

awerness-journey.club *.awerness-journey.club

bdxav.host *.bdxav.host

beigenee.vip *.beigenee.vip

bluepill.top *.bluepill.top

bonus3651.xyz *.bonus3651.xyz

buymarthasvineyard.com *.buymarthasvineyard.com

buymckinney.com *.buymckinney.com

carlmarksadvisor.com *.carlmarksadvisor.com

cbr8aus2h5api.xyz *.cbr8aus2h5api.xyz

centeredpulsezone.xyz *.centeredpulsezone.xyz

chickenit.xyz *.chickenit.xyz

chickenit2.xyz *.chickenit2.xyz

cloudvelvok.com *.cloudvelvok.com

cosmospace194.shop *.cosmospace194.shop

cqs325r.top *.cqs325r.top

csuiteaiq.com *.csuiteaiq.com

ctxquswkrji.xyz *.ctxquswkrji.xyz

uniqueshop24.xyz *.uniqueshop24.xyz