SSL Certificate Analysis for analytic.d-r.it - Security Grade & TLS Configuration

Open Cached · just now

76/100 SECURITY SCORE

Detected Technologies

See all in URL Inspect 1

Let's Encrypt

Certificate Information

Subject

CN=real-le.com

Issuer

C=US, O=Let's Encrypt, CN=R13

Valid From

March 21, 2026

Valid Until

June 19, 2026 54 days

Public Key

RSA 4096 bit Strong

Signature Algorithm

SHA256-RSA

SHA-256 Fingerprint

A8:3F:47:BC:6B:B5:75:13:72:4D:B1:05:D9:0A:59:0C:EF:B8:3A:A7:E2:61:C9:73:99:6B:2A:B0:6C:E0:02:21

Alternative Names

89 domains

Security Configuration

TLS Protocols

TLS 1.2 TLS 1.3

Forward Secrecy

Supported (Modern clients use PFS)

HTTP Security Headers

Status

Strict-Transport-Security

Missing

Not configured

Content-Security-Policy

Missing

Not configured Analyze

Content-Security-Policy-Report-Only

Missing

Not configured Analyze

X-Frame-Options

Missing

Not configured

X-Content-Type-Options

Missing

Not configured

Referrer-Policy

Missing

Not configured

Permissions-Policy

Missing

Not configured

Recommendations

• Add Strict-Transport-Security header with max-age of at least 1 year
• Add Content-Security-Policy header to prevent XSS attacks
• Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
• Add X-Content-Type-Options: nosniff
• Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
• Consider adding Permissions-Policy to control browser features

CAA Records (Certificate Authority Authorization)

CAA Records

Not Configured (Any CA can issue certificates)

CAA Issues

• No CAA records configured - any CA can issue certificates

Recommendations

• Implement CAA records to restrict which CAs can issue certificates for your domain
• This adds an extra layer of security against unauthorized certificate issuance
• Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
• Consider adding 'iodef' record to receive security incident reports

Subject Alternative Names

89 domains

d-r.it *.d-r.it *.admin.d-r.it *.analytic.d-r.it *.analytics.d-r.it *.api.d-r.it *.app.d-r.it *.backend.d-r.it *.data.d-r.it *.demo.d-r.it *.hostmaster.d-r.it *.metric.d-r.it *.staging.d-r.it *.superset.d-r.it

Other domains in certificate

05444.bet *.05444.bet

9a8b.com *.9a8b.com *.buzz.9a8b.com *.com.9a8b.com *.con.9a8b.com *.hhttp.9a8b.com *.io.9a8b.com *.me.9a8b.com *.tv.9a8b.com *.vip.9a8b.com

anonymousfiles.io *.anonymousfiles.io *.api.anonymousfiles.io *.api2.anonymousfiles.io *.app.anonymousfiles.io *.catbox.anonymousfiles.io *.g0.anonymousfiles.io *.gist.anonymousfiles.io *.key.anonymousfiles.io *.ww38.anonymousfiles.io

cash4carsalaska.com *.cash4carsalaska.com

*.aafc2c19-83fa-468d-97d0-01dbef209837.cetakidentitas.com *.accounts.cetakidentitas.com *.admin.cetakidentitas.com *.assets.cetakidentitas.com *.backup.cetakidentitas.com cetakidentitas.com *.cetakidentitas.com *.demo.cetakidentitas.com *.rdweb.cetakidentitas.com

hlw55.life *.hlw55.life

*.cmap.ihms.us *.cmapspublic.ihms.us *.crnapspublic2.ihms.us *.hotfix.ihms.us ihms.us *.ihms.us *.pipeline.ihms.us *.qa.ihms.us *.ww25.ihms.us

mogurin.com *.mogurin.com *.mx.mogurin.com

oruh3jt.top *.oruh3jt.top

real-le.com *.real-le.com *.www.real-le.com

*.00c21633-2684-4703-80fb-86c7d1805f83.vfgty.dad *.2e0f681e-8815-4586-88df-790f0858ba46.vfgty.dad *.admin.vfgty.dad *.api.vfgty.dad *.app.vfgty.dad *.assets.vfgty.dad *.autodiscover.vfgty.dad *.c1692cfb-4803-4616-af44-04c4af7c1cca.vfgty.dad *.c5071453-547e-4e0d-b577-c93e2045f2b4.vfgty.dad *.demo.vfgty.dad *.dev.vfgty.dad *.hostmaster.vfgty.dad *.test.vfgty.dad vfgty.dad *.vfgty.dad *.www.vfgty.dad

whha21.cfd *.whha21.cfd

*.random.zahratorabi.com zahratorabi.com *.zahratorabi.com

zxsjuaqa0117.top *.zxsjuaqa0117.top