SSL Certificate Analysis for app.id3.app - Security Grade & TLS Configuration

Open Cached · just now

76/100 SECURITY SCORE

Detected Technologies

See all in URL Inspect 1

Let's Encrypt

Certificate Information

Subject

CN=bebefoto.com

Issuer

C=US, O=Let's Encrypt, CN=R12

Valid From

April 27, 2026

Valid Until

July 26, 2026 65 days

Public Key

RSA 4096 bit Strong

Signature Algorithm

SHA256-RSA

SHA-256 Fingerprint

0E:36:41:7F:0D:4C:28:5C:01:1A:85:F9:07:C3:86:92:DD:0C:9F:A7:0E:2D:20:CC:DC:19:CE:90:F2:CB:84:49

Alternative Names

90 domains

Security Configuration

TLS Protocols

TLS 1.2 TLS 1.3

Forward Secrecy

Supported (Modern clients use PFS)

HTTP Security Headers

Status

Strict-Transport-Security

Missing

Not configured

Content-Security-Policy

Missing

Not configured Analyze

Content-Security-Policy-Report-Only

Missing

Not configured Analyze

X-Frame-Options

Missing

Not configured

X-Content-Type-Options

Missing

Not configured

Referrer-Policy

Missing

Not configured

Permissions-Policy

Missing

Not configured

Recommendations

• Add Strict-Transport-Security header with max-age of at least 1 year
• Add Content-Security-Policy header to prevent XSS attacks
• Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
• Add X-Content-Type-Options: nosniff
• Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
• Consider adding Permissions-Policy to control browser features

CAA Records (Certificate Authority Authorization)

CAA Records

Not Configured (Any CA can issue certificates)

CAA Issues

• No CAA records configured - any CA can issue certificates

Recommendations

• Implement CAA records to restrict which CAs can issue certificates for your domain
• This adds an extra layer of security against unauthorized certificate issuance
• Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
• Consider adding 'iodef' record to receive security incident reports

Subject Alternative Names

90 domains

id3.app *.id3.app *.m.id3.app

Other domains in certificate

ascetic.life *.ascetic.life

bebefoto.com *.bebefoto.com *.m.bebefoto.com *.sitemap.bebefoto.com *.sitemaps.bebefoto.com

capurroecevasco.it *.capurroecevasco.it *.imap.capurroecevasco.it *.mail.capurroecevasco.it *.mx.capurroecevasco.it

*.1688.comdomains.com *.555c.comdomains.com *.91.comdomains.com *.bddomains.comdomains.com *.by1195.comdomains.com *.cheapdomains.comdomains.com *.cicd.comdomains.com *.clover.comdomains.com comdomains.com *.comdomains.com *.glodon.comdomains.com *.google.comdomains.com *.hanir.comdomains.com *.help.comdomains.com *.hugedawn.comdomains.com *.hugerecipe.comdomains.com *.hugeredtube.comdomains.com *.hugesandgrid.comdomains.com *.hugewordlegame.comdomains.com *.hugtodesk.comdomains.com *.lakala.comdomains.com *.lcbxw.comdomains.com *.m.comdomains.com *.redtube.comdomains.com *.roark.comdomains.com *.shangmenanmo.comdomains.com *.skystra.comdomains.com *.vpn.comdomains.com *.warpark.comdomains.com *.wesleyvirgin.comdomains.com *.wiki.comdomains.com *.www.comdomains.com *.xahulanw.comdomains.com

*.duejwma871sa888.humeiavwzapz83.xyz *.dyruwa82vq888.humeiavwzapz83.xyz *.hfymwis85aw888.humeiavwzapz83.xyz humeiavwzapz83.xyz *.humeiavwzapz83.xyz *.seywxp87zi888.humeiavwzapz83.xyz *.ww25.humeiavwzapz83.xyz *.ww38.humeiavwzapz83.xyz

*.1eft.infocn.org *.7zyrf.infocn.org *.bc.infocn.org *.die.infocn.org *.ed.infocn.org *.eds.infocn.org *.fy.infocn.org infocn.org *.infocn.org *.lk.infocn.org *.lth.infocn.org *.org-www.infocn.org *.pp30.infocn.org *.renzheng.infocn.org *.rongzhi.infocn.org *.tanzi.infocn.org *.tt42.infocn.org *.xxjj88.infocn.org

*.70th.keybitgate.my keybitgate.my *.keybitgate.my *.sitemap.keybitgate.my

la-chinitas-restaurant.com *.la-chinitas-restaurant.com *.random.la-chinitas-restaurant.com *.ww16.la-chinitas-restaurant.com *.ww25.la-chinitas-restaurant.com

resting.place *.resting.place *.s.resting.place

sephardichouse.org *.sephardichouse.org *.ww38.sephardichouse.org *.www.sephardichouse.org