SSL Certificate Analysis for 97c.lat - Security Grade & TLS Configuration

Detected Technologies

See all in URL Inspect 1

Let's Encrypt

Certificate Information

Subject

CN=xmldc2.sbs

Issuer

C=US, O=Let's Encrypt, CN=R12

Valid From

February 17, 2026

Valid Until

May 18, 2026 82 days

Public Key

RSA 4096 bit Strong

Signature Algorithm

SHA256-RSA

SHA-256 Fingerprint

4D:FF:95:12:8F:89:80:B2:09:F0:94:5F:16:FC:9E:78:92:8A:D1:92:C4:FC:9E:CA:69:D2:62:56:B6:05:C2:73

Alternative Names

92 domains

Security Configuration

TLS Protocols

TLS 1.2 TLS 1.3

Forward Secrecy

Supported (Modern clients use PFS)

HTTP Security Headers

Status

Strict-Transport-Security

Missing

Not configured

Content-Security-Policy

Missing

Not configured Analyze

Content-Security-Policy-Report-Only

Missing

Not configured Analyze

X-Frame-Options

Good

SAMEORIGIN

X-Content-Type-Options

Missing

Not configured

Referrer-Policy

Missing

Not configured

Permissions-Policy

Missing

Not configured

Recommendations

• Add Strict-Transport-Security header with max-age of at least 1 year
• Add Content-Security-Policy header to prevent XSS attacks
• Add X-Content-Type-Options: nosniff
• Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
• Consider adding Permissions-Policy to control browser features

CAA Records (Certificate Authority Authorization)

CAA Records

Not Configured (Any CA can issue certificates)

CAA Issues

• No CAA records configured - any CA can issue certificates

Recommendations

• Implement CAA records to restrict which CAs can issue certificates for your domain
• This adds an extra layer of security against unauthorized certificate issuance
• Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
• Consider adding 'iodef' record to receive security incident reports

Subject Alternative Names

92 domains

97c.lat *.97c.lat

Other domains in certificate

616320.co *.616320.co

6331167.com *.6331167.com

637997.com *.637997.com

70562.cc *.70562.cc

adcrafted.com *.adcrafted.com

aigrok3.com *.aigrok3.com

arrnnn.net *.arrnnn.net

b2bprospect.us *.b2bprospect.us

beginrestaurante.xyz *.beginrestaurante.xyz

bigoashflow.cfd *.bigoashflow.cfd

*.5d0ecc-6a42-4b9c-8a32-8583f5893bc3.bitpharaoh.tech bitpharaoh.tech *.bitpharaoh.tech

bizoasttrack.qpon *.bizoasttrack.qpon

bizoevelup.qpon *.bizoevelup.qpon

bizohrive.cfd *.bizohrive.cfd

bizompower.qpon *.bizompower.qpon

bunonesspower.cfd *.bunonesspower.cfd *.spb.bunonesspower.cfd

canopower.cfd *.canopower.cfd

canorushnow.qpon *.canorushnow.qpon

commoditytokens.com *.commoditytokens.com

depaiar.com *.depaiar.com

evvoia.net *.evvoia.net

eyzct.studio *.eyzct.studio

f6guxix.top *.f6guxix.top

f9lghct.cyou *.f9lghct.cyou

facecomparison.com *.facecomparison.com

forouneelite.qpon *.forouneelite.qpon *.spb.forouneelite.qpon

forounevault.cfd *.forounevault.cfd

forwardmotion.click *.forwardmotion.click

fzs38.top *.fzs38.top

goldbusinessevents.com *.goldbusinessevents.com

goloenmoney.my *.goloenmoney.my

growthonline.blog *.growthonline.blog

hs91z.xyz *.hs91z.xyz

jgewxn.cn *.jgewxn.cn

kumpulanslot.org *.kumpulanslot.org

maxooldhub.qpon *.maxooldhub.qpon

sorarelease.com *.sorarelease.com

spatialdepai.com *.spatialdepai.com

spatialn.com *.spatialn.com

tradeshowwarrior.com *.tradeshowwarrior.com

uvyrp.net *.uvyrp.net

*.ww17.xmldc2.sbs xmldc2.sbs *.xmldc2.sbs

yanakhimova.com *.yanakhimova.com