SSL Certificate Analysis for www.maisoneight.org - Security Grade & TLS Configuration

Open Cached · 1m ago

77/100 SECURITY SCORE

Certificate Information

Subject

CN=southbox.se

Issuer

C=US, O=Google Trust Services, CN=WR3

Valid From

October 23, 2025

Valid Until

January 21, 2026 63 days

Public Key

RSA 2048 bit Adequate

Signature Algorithm

SHA256-RSA

SHA-256 Fingerprint

4A:DC:50:DF:BC:C2:19:F1:70:65:DC:C7:AC:53:7E:CA:22:B0:61:1D:11:DF:3D:29:80:F4:62:BB:A2:D7:4A:3E

Alternative Names

100 domains

Security Configuration

TLS Protocols

TLS 1.2 TLS 1.3

Forward Secrecy

Supported (Modern clients use PFS)

HTTP Security Headers

Status

Strict-Transport-Security

Present

max-age=31556926

Content-Security-Policy

Missing

Not configured

X-Frame-Options

Missing

Not configured

X-Content-Type-Options

Missing

Not configured

Referrer-Policy

Missing

Not configured

Permissions-Policy

Missing

Not configured

Recommendations

• Increase HSTS max-age to at least 1 year and add includeSubDomains
• Add Content-Security-Policy header to prevent XSS attacks
• Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
• Add X-Content-Type-Options: nosniff
• Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
• Consider adding Permissions-Policy to control browser features

CAA Records (Certificate Authority Authorization)

CAA Records

Not Configured (Any CA can issue certificates)

CAA Issues

• No CAA records configured - any CA can issue certificates

Recommendations

• Implement CAA records to restrict which CAs can issue certificates for your domain
• This adds an extra layer of security against unauthorized certificate issuance
• Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
• Consider adding 'iodef' record to receive security incident reports

Subject Alternative Names

100 domains

www.maisoneight.org

Other domains in certificate

anlogiq.com

uat-link.apollo.no

cao-sabic-lbv.appdashboard.nl

cookie.avada.io

app.axora.life

app.bintango.com

www.calif.io

auth.captionfy.io

yomanet.co.il

agr.com.ec

www.sat.com.pr

www.contemporaryintl.com

connect.cooeyhealth.com

coogen.eu

creationwissa.ca

crodile.com.br

db.dabeeb.co

cube.danrcohen.com

duman-lounge.de

permit.egetechno.com

devangularjsfoundationcode.ehryourway.com

www.eksplortrips.com

admin.eliteonegroup.com

www.empowersgroup.com

www.erickh.info

website.featsapp.com

chile.fitpass.app

forcaplay.com

foxi.li

qrcheck.ftcyl.es

girisimci.nl

easytask.gkfcsolution.com

www.hamlt.com

fulfillment-dev.hotwaxsystems.com

legal.hydroindustries.dev

ilkbvirginiabeach.impactwrap.com

vidyadayini.indiandevelopers.org

intersum.com.mx

api.intothecryptoverse.com

inxson.com

risks.johnfowler.co.uk

www.kadcollective.org

kannimariyaltraders.com www.kannimariyaltraders.com

admin.api.kuwaitfi.org

www.leanovatesolutions.com

cuentanos.linuras.com

logisurge.com

phasmo.lucafloesser.me

magicfolders.app

rn.manasaga.com

manaspratap.com

memofichas.com

www.miguelvelezzamora.com

mister-events.com

share-crimetak-dev.mobiletak.com

clientes.mueblesmc.com.ar

myditation.app

dashboard.mykargo.com

web-templates.nanosoft.co.za

visas.nbisinternational.com

www.mifacturador.net.pe

sdk-docs.nexus.xyz

niteshwaghmare.dev

www.nivelateonline.com.mx

opriori.com

starlogistics.org.in

bc.pancakehat.dev

pedidoflama.com.br

www.perdmap.com

www.perfectprojet.com

pge.link

www.pickery.io

app.rkookr.com

rkphotoflash.com

saborearresto.com.br

contractors.sheqintel.com forms.sheqintel.com

astrology.skota.in

socius.law

southbox.se

spurningar.is

portal.ssvtraders.in

story-sparks.com

g1.bugsearch.sukina.cloud

link.taisigroup.com

www.techspert.nl

rk-pilates-reformer-y-yoga.timp.io

www.trevor-harris.us

oms-sales.tridotstech.com

wellnessstudio.turnosweb.app

tasks.unibs.it

www.vasogen.bio

app.vveplantage.nl

www.warm-aanbevolen-zonmw.nl

webivale.com

werkenbijbuurtzorg.nl