SSL Certificate Analysis for api.ahijada.com - Security Grade & TLS Configuration

Open Cached · just now

76/100 SECURITY SCORE

Certificate Information

Subject

CN=cinecin.com

Issuer

C=US, O=Let's Encrypt, CN=R12

Valid From

February 05, 2026

Valid Until

May 06, 2026 86 days

Public Key

RSA 4096 bit Strong

Signature Algorithm

SHA256-RSA

SHA-256 Fingerprint

AC:77:54:A1:86:5C:D0:D5:C9:C4:58:32:DF:88:1B:57:F0:06:07:6C:41:72:1F:44:9B:97:AC:FB:42:F8:C3:1C

Alternative Names

89 domains

Security Configuration

TLS Protocols

TLS 1.2 TLS 1.3

Forward Secrecy

Supported (Modern clients use PFS)

HTTP Security Headers

Status

Strict-Transport-Security

Missing

Not configured

Content-Security-Policy

Missing

Not configured

X-Frame-Options

Missing

Not configured

X-Content-Type-Options

Missing

Not configured

Referrer-Policy

Missing

Not configured

Permissions-Policy

Missing

Not configured

Recommendations

• Add Strict-Transport-Security header with max-age of at least 1 year
• Add Content-Security-Policy header to prevent XSS attacks
• Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
• Add X-Content-Type-Options: nosniff
• Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
• Consider adding Permissions-Policy to control browser features

CAA Records (Certificate Authority Authorization)

CAA Records

Not Configured (Any CA can issue certificates)

CAA Issues

• No CAA records configured - any CA can issue certificates

Recommendations

• Implement CAA records to restrict which CAs can issue certificates for your domain
• This adds an extra layer of security against unauthorized certificate issuance
• Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
• Consider adding 'iodef' record to receive security incident reports

Subject Alternative Names

89 domains

ahijada.com *.ahijada.com *.assets.ahijada.com *.cunole.ahijada.com *.my.ahijada.com *.ww38.ahijada.com *.ww41.ahijada.com *.ww5.ahijada.com

Other domains in certificate

archivach.site *.archivach.site *.i.archivach.site *.x3gytj4m7j.archivach.site

*.ability.avfhpqsd.com *.absorb.avfhpqsd.com *.action.avfhpqsd.com *.address.avfhpqsd.com *.admit.avfhpqsd.com *.adopt.avfhpqsd.com *.advise.avfhpqsd.com *.agenda.avfhpqsd.com *.aide.avfhpqsd.com *.airport.avfhpqsd.com *.alive.avfhpqsd.com *.among.avfhpqsd.com *.amount.avfhpqsd.com *.anger.avfhpqsd.com *.appeal.avfhpqsd.com *.apply.avfhpqsd.com *.armed.avfhpqsd.com *.art.avfhpqsd.com *.assure.avfhpqsd.com *.author.avfhpqsd.com avfhpqsd.com *.avfhpqsd.com *.avoid.avfhpqsd.com *.aware.avfhpqsd.com *.bake.avfhpqsd.com *.basis.avfhpqsd.com *.big.avfhpqsd.com *.blade.avfhpqsd.com *.blame.avfhpqsd.com *.board.avfhpqsd.com *.born.avfhpqsd.com *.bother.avfhpqsd.com *.box.avfhpqsd.com *.branch.avfhpqsd.com *.breathe.avfhpqsd.com *.bridge.avfhpqsd.com *.broad.avfhpqsd.com *.buyer.avfhpqsd.com *.career.avfhpqsd.com *.cell.avfhpqsd.com *.central.avfhpqsd.com *.h4bwz2.avfhpqsd.com *.h5fcz1.avfhpqsd.com *.h5g4z2.avfhpqsd.com *.h5huz8.avfhpqsd.com *.h5jhz6.avfhpqsd.com *.h5p5z1.avfhpqsd.com *.h5r4z4.avfhpqsd.com *.h5srz2.avfhpqsd.com

bcmshospital.com *.bcmshospital.com *.com.bcmshospital.com

*.cicd.cinecin.com cinecin.com *.cinecin.com *.ciscoasa.cinecin.com *.smallville.cinecin.com

clarkfamily.net *.clarkfamily.net *.ww16.clarkfamily.net

elalambique.com *.elalambique.com *.new.elalambique.com *.wiki.elalambique.com

ghanima.com *.ghanima.com *.sdp.ghanima.com

*.ah.himebusiness.com *.alaaztech.himebusiness.com himebusiness.com *.himebusiness.com *.himegdesign.himebusiness.com *.nh.himebusiness.com

merrypopping.com *.merrypopping.com *.portal.merrypopping.com *.topics.merrypopping.com