SSL Certificate Analysis for 6078434.cc - Security Grade & TLS Configuration

Open Cached · just now

76/100 SECURITY SCORE

Detected Technologies

See all in URL Inspect 1

Let's Encrypt Active incidents

Certificate Information

Subject

CN=2222801a0.sbs

Issuer

C=US, O=Let's Encrypt, CN=R13

Valid From

April 28, 2026

Valid Until

July 27, 2026 76 days

Public Key

RSA 4096 bit Strong

Signature Algorithm

SHA256-RSA

SHA-256 Fingerprint

94:38:47:AF:A2:D9:30:90:F6:F1:22:4C:BA:2A:91:0D:6C:57:8D:39:02:40:84:71:41:52:B3:28:D7:36:EE:9C

Alternative Names

90 domains

Security Configuration

TLS Protocols

TLS 1.2 TLS 1.3

Forward Secrecy

Supported (Modern clients use PFS)

HTTP Security Headers

Status

Strict-Transport-Security

Missing

Not configured

Content-Security-Policy

Missing

Not configured Analyze

Content-Security-Policy-Report-Only

Missing

Not configured Analyze

X-Frame-Options

Missing

Not configured

X-Content-Type-Options

Missing

Not configured

Referrer-Policy

Missing

Not configured

Permissions-Policy

Missing

Not configured

Recommendations

• Add Strict-Transport-Security header with max-age of at least 1 year
• Add Content-Security-Policy header to prevent XSS attacks
• Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
• Add X-Content-Type-Options: nosniff
• Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
• Consider adding Permissions-Policy to control browser features

CAA Records (Certificate Authority Authorization)

CAA Records

Not Configured (Any CA can issue certificates)

CAA Issues

• No CAA records configured - any CA can issue certificates

Recommendations

• Implement CAA records to restrict which CAs can issue certificates for your domain
• This adds an extra layer of security against unauthorized certificate issuance
• Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
• Consider adding 'iodef' record to receive security incident reports

Subject Alternative Names

90 domains

6078434.cc *.6078434.cc

Other domains in certificate

2222801a0.sbs *.2222801a0.sbs

270594.xyz *.270594.xyz

29630.my *.29630.my

5sb7paa.cc *.5sb7paa.cc

6078432.cc *.6078432.cc

6078453.cc *.6078453.cc

7c369.com *.7c369.com

89503.pet *.89503.pet

89767.blog *.89767.blog

94959.one *.94959.one

a2aemail.com *.a2aemail.com

agenticgusto.com *.agenticgusto.com

careertribeedge.live *.careertribeedge.live

chenguang520.my *.chenguang520.my

darkpool.trade *.darkpool.trade

decoraciondelocales.com *.decoraciondelocales.com

gloriegilkey.com *.gloriegilkey.com

gp3c1tt.cc *.gp3c1tt.cc

hair-transplant-ules.sbs *.hair-transplant-ules.sbs

harriethill.com *.harriethill.com

homebrew.gg *.homebrew.gg

hvdaa.one *.hvdaa.one

hy09665.cc *.hy09665.cc

hyundai-santa-fe-40690.click *.hyundai-santa-fe-40690.click

ipgllbmstqjccea7.com *.ipgllbmstqjccea7.com

kajmcre1674.vip *.kajmcre1674.vip

kdi5008.cc *.kdi5008.cc

kitchen-remodeling.sbs *.kitchen-remodeling.sbs

knightsdesign.com *.knightsdesign.com

kpsvm.gdn *.kpsvm.gdn

marveltopia.com *.marveltopia.com

medusa777.bet *.medusa777.bet

navigatedtravel.live *.navigatedtravel.live

oubao16.com *.oubao16.com

partidopaigc.com *.partidopaigc.com

pawfind.com *.pawfind.com

personal-loan-1us.click *.personal-loan-1us.click

phoenixsecuritycompany.com *.phoenixsecuritycompany.com

premiumfoodsphere.food *.premiumfoodsphere.food

qh6nd9q.cc *.qh6nd9q.cc

qsdjm.gdn *.qsdjm.gdn

rabbitresource.com *.rabbitresource.com

riverscare.com *.riverscare.com

seamlessinnovations.com *.seamlessinnovations.com