SSL Certificate Analysis for vinylbox.app - Security Grade & TLS Configuration

Open Cached · just now

89/100 SECURITY SCORE

Certificate Information

Subject

CN=sergiogf.com

Issuer

C=US, O=Google Trust Services, CN=WR3

Valid From

October 24, 2025

Valid Until

January 23, 2026 47 days

Public Key

RSA 2048 bit Adequate

Signature Algorithm

SHA256-RSA

SHA-256 Fingerprint

34:84:49:75:70:C3:4E:B6:C0:5E:AE:10:E6:82:61:BF:E6:59:FF:B1:5D:57:6C:0D:B0:C1:78:8B:44:3A:4A:50

Alternative Names

100 domains

Security Configuration

TLS Protocols

TLS 1.2 TLS 1.3

Forward Secrecy

Supported (Modern clients use PFS)

HTTP Security Headers

Status

Strict-Transport-Security

Good

max-age=31536000; includeSubDomains

Content-Security-Policy

Good

upgrade-insecure-requests; default-src; img-src; +11 more

X-Frame-Options

Excellent

DENY

X-Content-Type-Options

Good

nosniff

Referrer-Policy

Missing

Not configured

Permissions-Policy

Missing

Not configured

Recommendations

• Consider adding 'preload' to HSTS for maximum security
• Strengthen CSP by removing 'unsafe-eval'
• Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
• Consider adding Permissions-Policy to control browser features

CAA Records (Certificate Authority Authorization)

CAA Records

Not Configured (Any CA can issue certificates)

CAA Issues

• No CAA records configured - any CA can issue certificates

Recommendations

• Implement CAA records to restrict which CAs can issue certificates for your domain
• This adds an extra layer of security against unauthorized certificate issuance
• Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
• Consider adding 'iodef' record to receive security incident reports

Subject Alternative Names

100 domains

vinylbox.app

Other domains in certificate

www.1313railroad.com

404.cube.dj

app.affirmdaily.com

www.alexfriedman.tech

cissp.almobdioon.com

lojastopmoveis.appshare.com.br

weather.atominfo.tech

kitcheners-staging.b-arro.ws

batralawoffice.com

www.beightstudios.com

app.bikefinder.it

app.biota.land

letters.brainsprays.com

app.bunkin.jp

burakerdem.tr

www.capgridsolutions.com

blog.cawpea.me

centrulminerva.ro

jz.clian.net

app.clipreply.com

nt-connect.co.il

fable.co.in

ad.dostesting.co.ke

www.codaaa.xyz

codehelio.com

spinecentre.com.hk

www.computeintel.com

www.conntec.net

www.crustytrump.com

daruzo.com

delightfuldaysdaycare.com

www.delorge.be

dentalkpdc.com

developeraspirations.com

diamondalmirah.com

droptaxinow.com

stage.dyggame.com

freehair.edsys.com.br

eholde.com

champ.eu.com

app.fiil.io

swan-operator-test1.fleet-dev.com

a0cw.foodle.su

gamsoft.eu

www.geer.solutions

geopix.app

tvos.golfpass.app

www.handiglijstje.nl

www.helloworldapp.com

hoowith.com

ilmalammox.fi

impactwrap.dev

sandbox.restaurante.inboxfood.com.br

beta.pnx.inpraxi.de

firebase.insvilablareix.net

intpcat.net

app-calculator-dashboard.itlicious.be

johanekroth.com

polar.lernzettel.org

plataforma.liftaviation.com.br

www.lockviewlive.com

mcnet.in

www.norkin.org

be.ntntnl.com

pdsind.in

pellet2d.com

www.pixelschmiede.com

www.pond6.com

fractional.proveanything.com

portal.pyneapp.com

assessments.qualiphisummit.com

www.rbper.com.br

rimenergies.com

rice.pulse.sasaki.com

sergiogf.com

app.server-watchdog.com

www.shiba888.bet

siddhashri.com

singlecasemva.app

composer-search.sld.codes

sneakytools.io

dev.proxy.sokuyaku.jp

stg.auth.sozi.co.jp

sparko.studio

auth.speakylink.com

www.subastabot.es

deuce.tckatteberg.be

thebookclub.app

www.thequoteapi.com

www.thesfactor.ca

www.trellisconnect.com

webcomponents.truckstop.com

crewfit.turnosweb.app

auth.uniweb.no

www.veggen.se

www.webassembly.us

www.wellztech.com

dashboard.wingside.ng

stg.writer.app