SSL Certificate Analysis for app.dewan69.org - Security Grade & TLS Configuration

Open Cached · just now

76/100 SECURITY SCORE

Detected Technologies

See all in URL Inspect 1

Let's Encrypt Active incidents

Certificate Information

Subject

CN=cineplex.live

Issuer

C=US, O=Let's Encrypt, CN=YR2

Valid From

June 01, 2026

Valid Until

August 30, 2026 72 days

Public Key

RSA 4096 bit Strong

Signature Algorithm

SHA256-RSA

SHA-256 Fingerprint

2C:24:BE:88:AA:AB:3A:6A:BF:FE:A6:EA:46:08:8F:40:C1:28:D7:B9:9F:EE:DE:5B:7D:33:1D:AD:1F:E3:A3:37

Alternative Names

90 domains

Security Configuration

TLS Protocols

TLS 1.2 TLS 1.3

Forward Secrecy

Supported (Modern clients use PFS)

HTTP Security Headers

Status

Strict-Transport-Security

Missing

Not configured

Content-Security-Policy

Missing

Not configured Analyze

Content-Security-Policy-Report-Only

Missing

Not configured Analyze

X-Frame-Options

Missing

Not configured

X-Content-Type-Options

Missing

Not configured

Referrer-Policy

Missing

Not configured

Permissions-Policy

Missing

Not configured

Recommendations

• Add Strict-Transport-Security header with max-age of at least 1 year
• Add Content-Security-Policy header to prevent XSS attacks
• Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
• Add X-Content-Type-Options: nosniff
• Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
• Consider adding Permissions-Policy to control browser features

CAA Records (Certificate Authority Authorization)

CAA Records

Not Configured (Any CA can issue certificates)

CAA Issues

• No CAA records configured - any CA can issue certificates

Recommendations

• Implement CAA records to restrict which CAs can issue certificates for your domain
• This adds an extra layer of security against unauthorized certificate issuance
• Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
• Consider adding 'iodef' record to receive security incident reports

Subject Alternative Names

90 domains

dewan69.org *.dewan69.org

Other domains in certificate

cineplex.live *.cineplex.live

cms-sgj-canada-revenue-gc.com *.cms-sgj-canada-revenue-gc.com

daman-lottery.one *.daman-lottery.one

dollarlogiq.com *.dollarlogiq.com

eepyg.sbs *.eepyg.sbs

embodiedalignment.tech *.embodiedalignment.tech

escortsinwestpalmbeach.com *.escortsinwestpalmbeach.com

f125m2tr.cc *.f125m2tr.cc

fskzq.com *.fskzq.com

fuelmailmendteam.info *.fuelmailmendteam.info

gzdz99.cn *.gzdz99.cn

hfiha.loan *.hfiha.loan

hfuid.site *.hfuid.site

hg909.cn *.hg909.cn

hghmvjlfhbhcmik.cc *.hghmvjlfhbhcmik.cc

jsdew.loan *.jsdew.loan

l5v5gk.cyou *.l5v5gk.cyou

level.boats *.level.boats

linie-praha.net *.linie-praha.net

longzhongma.com.cn *.longzhongma.com.cn

macan33best.com *.macan33best.com

maniaqq.blog *.maniaqq.blog

meetsamp.com *.meetsamp.com

mogcoins.com *.mogcoins.com

naxr4l.cc *.naxr4l.cc

ncowpq84dhsjei27xgfb.top *.ncowpq84dhsjei27xgfb.top

nearby.business *.nearby.business

nefarious.studio *.nefarious.studio

nipcoplcs.com *.nipcoplcs.com

nomadrop.com *.nomadrop.com

papodequadrinho.com *.papodequadrinho.com

pcccor.cc *.pcccor.cc

pcejq.gdn *.pcejq.gdn

robots-arms.com *.robots-arms.com

robots-casino.com *.robots-casino.com

robotshackers.com *.robotshackers.com

robotsoperatingsystem.com *.robotsoperatingsystem.com

robotspub.com *.robotspub.com

role.systems *.role.systems

romfast.live *.romfast.live

rondaml.com *.rondaml.com

sexmupvl.info *.sexmupvl.info

wwwk221333.com *.wwwk221333.com

xframeoptions.com *.xframeoptions.com