SSL Certificate Analysis for app.eatintakeout.com - Security Grade & TLS Configuration

Open Cached · just now

76/100 SECURITY SCORE

Detected Technologies

See all in URL Inspect 1

Let's Encrypt

Certificate Information

Subject

CN=63661.club

Issuer

C=US, O=Let's Encrypt, CN=R13

Valid From

May 26, 2026

Valid Until

August 24, 2026 69 days

Public Key

RSA 4096 bit Strong

Signature Algorithm

SHA256-RSA

SHA-256 Fingerprint

68:AA:0D:9F:3E:EC:55:4C:BD:D8:98:92:A6:9E:AF:5E:11:DF:90:87:E0:C0:57:7A:12:4E:EE:35:74:96:B2:D2

Alternative Names

90 domains

Security Configuration

TLS Protocols

TLS 1.2 TLS 1.3

Forward Secrecy

Supported (Modern clients use PFS)

HTTP Security Headers

Status

Strict-Transport-Security

Missing

Not configured

Content-Security-Policy

Missing

Not configured Analyze

Content-Security-Policy-Report-Only

Missing

Not configured Analyze

X-Frame-Options

Missing

Not configured

X-Content-Type-Options

Missing

Not configured

Referrer-Policy

Missing

Not configured

Permissions-Policy

Missing

Not configured

Recommendations

• Add Strict-Transport-Security header with max-age of at least 1 year
• Add Content-Security-Policy header to prevent XSS attacks
• Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
• Add X-Content-Type-Options: nosniff
• Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
• Consider adding Permissions-Policy to control browser features

CAA Records (Certificate Authority Authorization)

CAA Records

Not Configured (Any CA can issue certificates)

CAA Issues

• No CAA records configured - any CA can issue certificates

Recommendations

• Implement CAA records to restrict which CAs can issue certificates for your domain
• This adds an extra layer of security against unauthorized certificate issuance
• Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
• Consider adding 'iodef' record to receive security incident reports

Subject Alternative Names

90 domains

eatintakeout.com *.eatintakeout.com

Other domains in certificate

238ds.com *.238ds.com

29253.pro *.29253.pro

35237.pro *.35237.pro

36404.my *.36404.my

52237.pro *.52237.pro

52847.club *.52847.club

543974.com *.543974.com

595813.top *.595813.top

633293.com *.633293.com

63661.club *.63661.club

65803.my *.65803.my

6ng2.cc *.6ng2.cc

6sxtxpq5dn2ulf3.cc *.6sxtxpq5dn2ulf3.cc

71851.blog *.71851.blog

an99.gdn *.an99.gdn

andarahoki.vip *.andarahoki.vip

basyysab.com *.basyysab.com

bergstom.com *.bergstom.com

china-rgb.com *.china-rgb.com

cosmbooks.com *.cosmbooks.com

dmdb12.com *.dmdb12.com

easyfinanzprojectapp.com *.easyfinanzprojectapp.com

ebikeankauf.com *.ebikeankauf.com

eccxxjs594.vip *.eccxxjs594.vip

enegotiation.com *.enegotiation.com

indoorfish.com *.indoorfish.com

labsmk.com *.labsmk.com

nftonline.org *.nftonline.org

numeros-de-putas.net *.numeros-de-putas.net

onlinedomainauction.com *.onlinedomainauction.com

openhmrservicingsite.com *.openhmrservicingsite.com

promplastic.com *.promplastic.com

quotesnew.com *.quotesnew.com

qwyeowqyueoas9d6.cc *.qwyeowqyueoas9d6.cc

rahti-shop.com *.rahti-shop.com

rnvqi.loan *.rnvqi.loan

storage-jobs-0k8u6o0x7b5.sbs *.storage-jobs-0k8u6o0x7b5.sbs

top10realmoneyonlinecasinos.top *.top10realmoneyonlinecasinos.top

v34f5q9tf.top *.v34f5q9tf.top

vsdvs.vip *.vsdvs.vip

vv8677.cc *.vv8677.cc

wirapoker88.com *.wirapoker88.com

worldchristiantracts.com *.worldchristiantracts.com

xingse75.life *.xingse75.life