SSL Certificate Analysis for api.geekinbox.com - Security Grade & TLS Configuration

Open Cached · just now

76/100 SECURITY SCORE

Certificate Information

Subject

CN=87831.pictures

Issuer

C=US, O=Let's Encrypt, CN=R13

Valid From

February 06, 2026

Valid Until

May 07, 2026 85 days

Public Key

RSA 4096 bit Strong

Signature Algorithm

SHA256-RSA

SHA-256 Fingerprint

20:4C:88:BA:71:6B:4A:82:8C:71:92:DE:2C:06:98:76:2E:FC:8E:3F:F7:BC:7F:85:BB:0D:26:0E:37:4F:57:21

Alternative Names

91 domains

Security Configuration

TLS Protocols

TLS 1.2 TLS 1.3

Forward Secrecy

Supported (Modern clients use PFS)

HTTP Security Headers

Status

Strict-Transport-Security

Missing

Not configured

Content-Security-Policy

Missing

Not configured

X-Frame-Options

Missing

Not configured

X-Content-Type-Options

Missing

Not configured

Referrer-Policy

Missing

Not configured

Permissions-Policy

Missing

Not configured

Recommendations

• Add Strict-Transport-Security header with max-age of at least 1 year
• Add Content-Security-Policy header to prevent XSS attacks
• Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
• Add X-Content-Type-Options: nosniff
• Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
• Consider adding Permissions-Policy to control browser features

CAA Records (Certificate Authority Authorization)

CAA Records

Not Configured (Any CA can issue certificates)

CAA Issues

• No CAA records configured - any CA can issue certificates

Recommendations

• Implement CAA records to restrict which CAs can issue certificates for your domain
• This adds an extra layer of security against unauthorized certificate issuance
• Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
• Consider adding 'iodef' record to receive security incident reports

Subject Alternative Names

91 domains

geekinbox.com *.geekinbox.com *.mlkrnwp.geekinbox.com

Other domains in certificate

87831.pictures *.87831.pictures

89274.top *.89274.top

90254.co *.90254.co

90257.co *.90257.co

92192.democrat *.92192.democrat

92911.vip *.92911.vip

94023.win *.94023.win

958015.mobi *.958015.mobi

96148.cyou *.96148.cyou

972568.pictures *.972568.pictures

994711.com *.994711.com

9w7oh1cp.top *.9w7oh1cp.top

acldog.com *.acldog.com

aerialpark.com *.aerialpark.com

ajkedwie.info *.ajkedwie.info

ak88kinggame.com *.ak88kinggame.com

fdfk7809.nl *.fdfk7809.nl

fight4dei.org *.fight4dei.org

findyourbookssource.xyz *.findyourbookssource.xyz

finedeveloper.com *.finedeveloper.com

fitkaroniiosdalarz.cyou *.fitkaroniiosdalarz.cyou

fitnessalignjourney.run *.fitnessalignjourney.run

fnymnfxsnbhxwbbrryqn.com *.fnymnfxsnbhxwbbrryqn.com

foodmonterroir.com *.foodmonterroir.com

forbookhalla.com *.forbookhalla.com

foroeurosongcontest.es *.foroeurosongcontest.es

fortunecoinscasino.link *.fortunecoinscasino.link

funerariacrematorioccarrascosa.es *.funerariacrematorioccarrascosa.es

futt.net *.futt.net

fwmceg.com *.fwmceg.com

gangneungmassage.site *.gangneungmassage.site

gangster.es *.gangster.es

ganhepontos.club *.ganhepontos.club

gaos1.xyz *.gaos1.xyz

gc5qvuu0j.buzz *.gc5qvuu0j.buzz

gianttigersurvey.online *.gianttigersurvey.online

gimcheonoffice.site *.gimcheonoffice.site

gograb.xyz *.gograb.xyz

goodkijangwin.com *.goodkijangwin.com

gorontalokini.id *.gorontalokini.id

gotthepart.com *.gotthepart.com

gpaxsn.pro *.gpaxsn.pro

grabtransport.com *.grabtransport.com

grafos.co *.grafos.co