SSL Certificate Analysis for 04483.one - Security Grade & TLS Configuration

Certificate Information

Subject

CN=00291.cc

Issuer

C=US, O=Let's Encrypt, CN=R12

Valid From

February 04, 2026

Valid Until

May 05, 2026 86 days

Public Key

RSA 4096 bit Strong

Signature Algorithm

SHA256-RSA

SHA-256 Fingerprint

88:37:A1:B5:D0:1E:98:B9:65:E1:DE:0C:9D:90:D0:77:2E:71:B2:27:7F:BA:76:81:73:52:7B:C8:5F:B5:37:80

Alternative Names

90 domains

Security Configuration

TLS Protocols

TLS 1.2 TLS 1.3

Forward Secrecy

Supported (Modern clients use PFS)

HTTP Security Headers

Status

Strict-Transport-Security

Missing

Not configured

Content-Security-Policy

Missing

Not configured

X-Frame-Options

Good

SAMEORIGIN

X-Content-Type-Options

Missing

Not configured

Referrer-Policy

Missing

Not configured

Permissions-Policy

Missing

Not configured

Recommendations

• Add Strict-Transport-Security header with max-age of at least 1 year
• Add Content-Security-Policy header to prevent XSS attacks
• Add X-Content-Type-Options: nosniff
• Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
• Consider adding Permissions-Policy to control browser features

CAA Records (Certificate Authority Authorization)

CAA Records

Not Configured (Any CA can issue certificates)

CAA Issues

• No CAA records configured - any CA can issue certificates

Recommendations

• Implement CAA records to restrict which CAs can issue certificates for your domain
• This adds an extra layer of security against unauthorized certificate issuance
• Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
• Consider adding 'iodef' record to receive security incident reports

Subject Alternative Names

90 domains

04483.one *.04483.one

Other domains in certificate

00291.cc *.00291.cc

006512.shop *.006512.shop

006537.shop *.006537.shop

01923.vip *.01923.vip

02601.one *.02601.one

087768.com *.087768.com

stz.fr *.stz.fr

subur88wap.cc *.subur88wap.cc

surat.fyi *.surat.fyi

t37glj1.cyou *.t37glj1.cyou

talkroma.com *.talkroma.com

taximaroc.taxi *.taximaroc.taxi

tbvparts.com *.tbvparts.com

tbzqkdzsxibn.cc *.tbzqkdzsxibn.cc

tc1.it *.tc1.it

tcarv.cam *.tcarv.cam

tccdf.net *.tccdf.net

tccrc.com *.tccrc.com

tcjazzsociety.org *.tcjazzsociety.org

tckcu.im *.tckcu.im

tcniyllbgffd3zm6s9b5.com *.tcniyllbgffd3zm6s9b5.com

tcok192.cyou *.tcok192.cyou

tennislovers.it *.tennislovers.it

terran.partners *.terran.partners

tesla.works *.tesla.works

testlive.xyz *.testlive.xyz

thai99pro.club *.thai99pro.club

theaiemu.com *.theaiemu.com

theav244.xyz *.theav244.xyz

thefitmalaysia.com *.thefitmalaysia.com

themedicines.it *.themedicines.it

theshepherdscalm.com *.theshepherdscalm.com

thethaovui.my *.thethaovui.my

thevintagevegans.com *.thevintagevegans.com

thonsure168-th.com *.thonsure168-th.com

ticketme.com *.ticketme.com

tjisav.com *.tjisav.com

townbmx.com *.townbmx.com

towniness.com *.towniness.com

townshend.school *.townshend.school

towply.com *.towply.com

toxlob.com *.toxlob.com

toxophilitic.com *.toxophilitic.com

toyme.xyz *.toyme.xyz