SSL Certificate Analysis for api.christensenwebdev.com - Security Grade & TLS Configuration

Open Cached · just now

76/100 SECURITY SCORE

Detected Technologies

See all in URL Inspect 1

Let's Encrypt Active incidents

Certificate Information

Subject

CN=8gpyscnuopfy.shop

Issuer

C=US, O=Let's Encrypt, CN=YR1

Valid From

June 01, 2026

Valid Until

August 30, 2026 71 days

Public Key

RSA 4096 bit Strong

Signature Algorithm

SHA256-RSA

SHA-256 Fingerprint

93:0E:A8:6C:0A:07:96:C8:53:6C:F9:6C:08:AC:B6:E2:D5:43:BF:45:27:24:30:57:86:C7:84:27:A1:05:39:B6

Alternative Names

89 domains

Security Configuration

TLS Protocols

TLS 1.2 TLS 1.3

Forward Secrecy

Supported (Modern clients use PFS)

HTTP Security Headers

Status

Strict-Transport-Security

Missing

Not configured

Content-Security-Policy

Missing

Not configured Analyze

Content-Security-Policy-Report-Only

Missing

Not configured Analyze

X-Frame-Options

Missing

Not configured

X-Content-Type-Options

Missing

Not configured

Referrer-Policy

Missing

Not configured

Permissions-Policy

Missing

Not configured

Recommendations

• Add Strict-Transport-Security header with max-age of at least 1 year
• Add Content-Security-Policy header to prevent XSS attacks
• Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
• Add X-Content-Type-Options: nosniff
• Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
• Consider adding Permissions-Policy to control browser features

CAA Records (Certificate Authority Authorization)

CAA Records

Not Configured (Any CA can issue certificates)

CAA Issues

• No CAA records configured - any CA can issue certificates

Recommendations

• Implement CAA records to restrict which CAs can issue certificates for your domain
• This adds an extra layer of security against unauthorized certificate issuance
• Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
• Consider adding 'iodef' record to receive security incident reports

Subject Alternative Names

89 domains

christensenwebdev.com *.christensenwebdev.com

Other domains in certificate

114433ll.top *.114433ll.top

1194yyq301.top *.1194yyq301.top

3bcp.xyz *.3bcp.xyz

4dprizewla.org *.4dprizewla.org

539ee.vip *.539ee.vip

7e6ec543ba7642b0.com *.7e6ec543ba7642b0.com

7starehd.lol *.7starehd.lol

7vab0h.cyou *.7vab0h.cyou

87227.my *.87227.my

88hb88.com *.88hb88.com

8gpyscnuopfy.shop *.8gpyscnuopfy.shop

a390yhj.top *.a390yhj.top

auttus.com *.auttus.com

bbssjj27.cc *.bbssjj27.cc

bullishreservebk.online *.bullishreservebk.online

csd751b.top *.csd751b.top

depnudenow.com *.depnudenow.com

devian.io *.devian.io

diabetes-68754001.sbs *.diabetes-68754001.sbs

edwinmorganaward.com *.edwinmorganaward.com

egp88slot.com *.egp88slot.com

gerd.life *.gerd.life *.ns1.gerd.life

gggg01.vip *.gggg01.vip

gggg33.vip *.gggg33.vip

gggg77.vip *.gggg77.vip

gggloi.buzz *.gggloi.buzz

inspirerrb2bhub.info *.inspirerrb2bhub.info

joguenabet.bet *.joguenabet.bet

kst1.org *.kst1.org

majorfixedmatches.com *.majorfixedmatches.com

maxonshire.com *.maxonshire.com

mibabh.cyou *.mibabh.cyou

pacifcdecorative.com *.pacifcdecorative.com

pcdkc.sbs *.pcdkc.sbs

planetcom.in *.planetcom.in

rqpg7.top *.rqpg7.top

saintrossstore.com *.saintrossstore.com

shopy.bio *.shopy.bio

tulipandrose.shop *.tulipandrose.shop

wwwyy54.net *.wwwyy54.net

xn--k5s68hr02b17p.com *.xn--k5s68hr02b17p.com

xt11v0.cyou *.xt11v0.cyou

yuxsa.com *.yuxsa.com