SSL Certificate Analysis for testing.davidsbrial.com - Security Grade & TLS Configuration

Open Cached · just now

76/100 SECURITY SCORE

Detected Technologies

See all in URL Inspect 1

Let's Encrypt

Certificate Information

Subject

CN=throttleshift.co.uk

Issuer

C=US, O=Let's Encrypt, CN=R12

Valid From

May 01, 2026

Valid Until

July 30, 2026 47 days

Public Key

RSA 4096 bit Strong

Signature Algorithm

SHA256-RSA

SHA-256 Fingerprint

AC:A9:3D:2F:F5:CF:81:70:11:1D:B6:2F:00:C3:CE:1D:A5:B1:04:57:3D:EC:3B:B7:88:D2:2B:28:6A:B8:2F:86

Alternative Names

90 domains

Security Configuration

TLS Protocols

TLS 1.2 TLS 1.3

Forward Secrecy

Supported (Modern clients use PFS)

HTTP Security Headers

Status

Strict-Transport-Security

Missing

Not configured

Content-Security-Policy

Missing

Not configured Analyze

Content-Security-Policy-Report-Only

Missing

Not configured Analyze

X-Frame-Options

Missing

Not configured

X-Content-Type-Options

Missing

Not configured

Referrer-Policy

Missing

Not configured

Permissions-Policy

Missing

Not configured

Recommendations

• Add Strict-Transport-Security header with max-age of at least 1 year
• Add Content-Security-Policy header to prevent XSS attacks
• Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
• Add X-Content-Type-Options: nosniff
• Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
• Consider adding Permissions-Policy to control browser features

CAA Records (Certificate Authority Authorization)

CAA Records

Not Configured (Any CA can issue certificates)

CAA Issues

• No CAA records configured - any CA can issue certificates

Recommendations

• Implement CAA records to restrict which CAs can issue certificates for your domain
• This adds an extra layer of security against unauthorized certificate issuance
• Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
• Consider adding 'iodef' record to receive security incident reports

Subject Alternative Names

90 domains

davidsbrial.com *.davidsbrial.com *.testing.davidsbrial.com

Other domains in certificate

*.12-inch.12inch.store 12inch.store *.12inch.store *.ceramic.12inch.store *.dewalt.12inch.store *.frame.12inch.store *.memory-foam-mattress-twin.12inch.store *.nmc.12inch.store *.signature-sleep.12inch.store *.starrett.12inch.store *.viking-culinary.12inch.store

bleeg.com *.bleeg.com *.hostmaster.bleeg.com

botswanaifsc.com *.botswanaifsc.com *.random.botswanaifsc.com *.rocksteadydivecenter.botswanaifsc.com *.ww25.botswanaifsc.com

defects.au *.defects.au

eastern-queen.co.uk *.eastern-queen.co.uk *.ww25.eastern-queen.co.uk *.ww38.eastern-queen.co.uk

escoluce.com *.escoluce.com

foresthill.au *.foresthill.au

greatwkanacafe.com *.greatwkanacafe.com *.ww16.greatwkanacafe.com

koerperfunktionen.de *.koerperfunktionen.de *.random.koerperfunktionen.de

miranahotel.com *.miranahotel.com

*.anketa.oto.sk oto.sk *.oto.sk *.ww38.oto.sk

*.ccp.oyom.com *.mail.oyom.com oyom.com *.oyom.com

pacs.it *.pacs.it

phl.au *.phl.au

*.git.piccadilly.live *.hostmaster.piccadilly.live piccadilly.live *.piccadilly.live

rentstar.com *.rentstar.com *.ww38.rentstar.com

responsivedrivingschool.com.au *.responsivedrivingschool.com.au *.superset.responsivedrivingschool.com.au

settees.com.au *.settees.com.au *.ww25.settees.com.au

spectran.au *.spectran.au *.ww25.spectran.au *.ww38.spectran.au

thehouseplantfix.com *.thehouseplantfix.com

*.com-vn.throttleshift.co.uk *.fiverr-com.throttleshift.co.uk *.gov-vn.throttleshift.co.uk *.quochoi-vn.throttleshift.co.uk throttleshift.co.uk *.throttleshift.co.uk

titleloan.it *.titleloan.it

*.hostmaster.unstallturbotax.com unstallturbotax.com *.unstallturbotax.com

*.edu.utusan.com *.m.utusan.com utusan.com *.utusan.com *.ww17.utusan.com *.www.utusan.com

wirelessster.com *.wirelessster.com