SSL Certificate Analysis for waltergiles.com - Security Grade & TLS Configuration

Open Cached · just now

77/100 SECURITY SCORE

Certificate Information

Subject

CN=www.freebeerboards.com

Issuer

C=US, O=Google Trust Services, CN=WR3

Valid From

January 12, 2026

Valid Until

April 12, 2026 85 days

Public Key

RSA 2048 bit Adequate

Signature Algorithm

SHA256-RSA

SHA-256 Fingerprint

D9:95:00:67:89:52:6D:3C:B1:6D:E1:86:A7:F7:5C:CB:A1:BE:D7:61:E4:8F:27:2C:7C:3F:53:98:EC:A6:26:79

Alternative Names

100 domains

Security Configuration

TLS Protocols

TLS 1.2 TLS 1.3

Forward Secrecy

Supported (Modern clients use PFS)

HTTP Security Headers

Status

Strict-Transport-Security

Present

max-age=31556926

Content-Security-Policy

Missing

Not configured

X-Frame-Options

Missing

Not configured

X-Content-Type-Options

Missing

Not configured

Referrer-Policy

Missing

Not configured

Permissions-Policy

Missing

Not configured

Recommendations

• Increase HSTS max-age to at least 1 year and add includeSubDomains
• Add Content-Security-Policy header to prevent XSS attacks
• Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
• Add X-Content-Type-Options: nosniff
• Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
• Consider adding Permissions-Policy to control browser features

CAA Records (Certificate Authority Authorization)

CAA Records

Not Configured (Any CA can issue certificates)

CAA Issues

• No CAA records configured - any CA can issue certificates

Recommendations

• Implement CAA records to restrict which CAs can issue certificates for your domain
• This adds an extra layer of security against unauthorized certificate issuance
• Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
• Consider adding 'iodef' record to receive security incident reports

Subject Alternative Names

100 domains

waltergiles.com

Other domains in certificate

www.aeondehorus.com.br

bc.alkan.dev

www.andreymilov.com

www.aviariominguitos.com

beechtree.nl

bicicouriers.com

ts-admin02.demo.bluepark.app

bobbychandokmd.com

www.chrisprescott.net

dreaminsight.co.in

store-dev.compensate.com

contratosremax.com

claim.credmark.com

cutiko.com

danceline-friedberg.de

derecktorventura.com

admin.desiredthaidhs.com

kinoko-timer.dmnk.tech

sms.dropify.link

vqa.dttt.io

dyndone.com

eastcree.app

coffee.ensvee.com

landmark-hive.equiem.mobi

link.esh-derevenskoe.ru

excellearnventures.com

weight.exi.tools

cherrypick.eywa.com

fandance.ru

l.fastfuel-sa.com

www.firstmetal.com

appfoyerdedaux.foyerruraldedaux.fr

www.freebeerboards.com

site.gestao24h.com

www.goldenminds.org

pay.assurantuk.gr4vy.app

dev.project-management.grupoxalka.com macand.grupoxalka.com

gtwebdesign.com.br

api.homegame.uk

incodb.net

eduard-elvira.invito.link

piyasalar.isgold.com

www.jorgesalgado.dev

www.jpde.pt

tracker.kingkiller39.me

www.kleniobraz.com.br

www.kotihoitopalvelutesen.fi

www.kvanefjeld.net

luka.network

moveismagazine.lupi.delivery

dev.magnoliagardens.in

manufacturing-lean.net

mentorbolivia.com

www.aurus.menuqrate.com

mixingboard.org

akyl.moondreams.dev

tools.msplaunchpad.com

link.myshop.mobi

check.nametap.io

nfcsystem76.es

www.admin.onfoco.com

link.ibtikar.org.tr

suite.overture7421.org

olympus-tst.internal.paperbox.ai

www.priscillazanatelli.com

homolog-pitang.prompt-pitang.com

rafiqstudios.co.uk

stg.pentagon.re2fe.com

rocketsignsolutions.com

rosyt.dev

qr.routedin.com

dev.rugbyxp.com

shiyoai.com

lsafbhtest-main-seija.dev.preprod.simasasolutions.com

calendar.skip.work

smartmathkids.com

www.solidangle.fi

poem.sooyadev.com

static.soundrink.com

standchamp.com

stasiunbelajar.com

dev.steelemart.in

b2b.streekproductenplein.nl

studyrealms.com

www.testtube.dev

test2.app.ticketowl.io

toverto.com

auth.uae.estate

undauntedathlete.com

visolent.com

voucher2data.com

www.wachbuero.app

parkeer.web.id

www.wecarebecausehecares.com

writence.com

xtremefrost.com