SSL Certificate Analysis for api.sexyboss.com - Security Grade & TLS Configuration

Open Cached · just now

76/100 SECURITY SCORE

Detected Technologies

See all in URL Inspect 1

Let's Encrypt Active incidents

Certificate Information

Subject

CN=subtitletools.net

Issuer

C=US, O=Let's Encrypt, CN=R13

Valid From

April 29, 2026

Valid Until

July 28, 2026 77 days

Public Key

RSA 4096 bit Strong

Signature Algorithm

SHA256-RSA

SHA-256 Fingerprint

52:F7:D1:BB:9B:A6:3B:03:6B:72:27:9B:C9:AB:5E:0E:62:CE:44:34:CF:13:79:5D:F4:4D:4D:00:92:21:E9:4F

Alternative Names

90 domains

Security Configuration

TLS Protocols

TLS 1.2 TLS 1.3

Forward Secrecy

Supported (Modern clients use PFS)

HTTP Security Headers

Status

Strict-Transport-Security

Missing

Not configured

Content-Security-Policy

Missing

Not configured Analyze

Content-Security-Policy-Report-Only

Missing

Not configured Analyze

X-Frame-Options

Missing

Not configured

X-Content-Type-Options

Missing

Not configured

Referrer-Policy

Missing

Not configured

Permissions-Policy

Missing

Not configured

Recommendations

• Add Strict-Transport-Security header with max-age of at least 1 year
• Add Content-Security-Policy header to prevent XSS attacks
• Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
• Add X-Content-Type-Options: nosniff
• Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
• Consider adding Permissions-Policy to control browser features

CAA Records (Certificate Authority Authorization)

CAA Records

Not Configured (Any CA can issue certificates)

CAA Issues

• No CAA records configured - any CA can issue certificates

Recommendations

• Implement CAA records to restrict which CAs can issue certificates for your domain
• This adds an extra layer of security against unauthorized certificate issuance
• Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
• Consider adding 'iodef' record to receive security incident reports

Subject Alternative Names

90 domains

sexyboss.com *.sexyboss.com *.123.sexyboss.com *.api.sexyboss.com *.cp.sexyboss.com *.dir.sexyboss.com *.download.sexyboss.com *.edge.sexyboss.com *.fun.sexyboss.com *.images.sexyboss.com *.img.sexyboss.com *.lib.sexyboss.com *.life.sexyboss.com *.map.sexyboss.com *.mx.sexyboss.com *.nl.sexyboss.com *.ns2.sexyboss.com *.old.sexyboss.com *.pro.sexyboss.com *.test.sexyboss.com *.tienda.sexyboss.com *.training.sexyboss.com *.ww1.sexyboss.com *.www-1.sexyboss.com *.xml.sexyboss.com

Other domains in certificate

*.100.actionplayevent.com *.1983.actionplayevent.com *.451.actionplayevent.com *.452.actionplayevent.com *.454.actionplayevent.com *.460.actionplayevent.com *.461.actionplayevent.com *.462.actionplayevent.com *.463.actionplayevent.com *.473.actionplayevent.com actionplayevent.com *.actionplayevent.com *.com451.actionplayevent.com *.ww38.actionplayevent.com

*.admin.bestanswer.it *.analytic.bestanswer.it *.backend.bestanswer.it bestanswer.it *.bestanswer.it *.demo.bestanswer.it *.mail.bestanswer.it

chemix.online *.chemix.online *.go.chemix.online *.shrt.chemix.online

idj.life *.idj.life

*.2.paghi.it *.analytics.paghi.it *.dashboard.paghi.it *.data.paghi.it *.demo.paghi.it *.eggcloud.paghi.it *.hostmaster.paghi.it *.mi.paghi.it paghi.it *.paghi.it *.redash.paghi.it *.superset.paghi.it

perverted.life *.perverted.life

prodottidellapuglia.it *.prodottidellapuglia.it *.remote.prodottidellapuglia.it

*.38.sdwinelover.com *.backup.sdwinelover.com *.cpanel.sdwinelover.com *.hostmaster.sdwinelover.com *.rds.sdwinelover.com *.remote.sdwinelover.com sdwinelover.com *.sdwinelover.com *.smtp.sdwinelover.com *.soa.sdwinelover.com *.ww38.sdwinelover.com *.www.sdwinelover.com

smarttested.life *.smarttested.life

subtitletools.net *.subtitletools.net *.ww38.subtitletools.net

*.random.universtyequality.com universtyequality.com *.universtyequality.com *.ww25.universtyequality.com