SSL Certificate Analysis for aws.178.live - Security Grade & TLS Configuration

Open Cached · just now

76/100 SECURITY SCORE

Certificate Information

Subject

CN=everydayglamfashion.in

Issuer

C=US, O=Let's Encrypt, CN=R12

Valid From

January 28, 2026

Valid Until

April 28, 2026 78 days

Public Key

RSA 4096 bit Strong

Signature Algorithm

SHA256-RSA

SHA-256 Fingerprint

21:13:B0:0B:24:56:68:4D:90:DC:6A:2F:02:5F:CD:31:71:FB:95:41:F3:E9:25:4B:8E:AE:C7:53:E0:5B:30:29

Alternative Names

90 domains

Security Configuration

TLS Protocols

TLS 1.2 TLS 1.3

Forward Secrecy

Supported (Modern clients use PFS)

HTTP Security Headers

Status

Strict-Transport-Security

Missing

Not configured

Content-Security-Policy

Missing

Not configured

X-Frame-Options

Missing

Not configured

X-Content-Type-Options

Missing

Not configured

Referrer-Policy

Missing

Not configured

Permissions-Policy

Missing

Not configured

Recommendations

• Add Strict-Transport-Security header with max-age of at least 1 year
• Add Content-Security-Policy header to prevent XSS attacks
• Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
• Add X-Content-Type-Options: nosniff
• Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
• Consider adding Permissions-Policy to control browser features

CAA Records (Certificate Authority Authorization)

CAA Records

Not Configured (Any CA can issue certificates)

CAA Issues

• No CAA records configured - any CA can issue certificates

Recommendations

• Implement CAA records to restrict which CAs can issue certificates for your domain
• This adds an extra layer of security against unauthorized certificate issuance
• Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
• Consider adding 'iodef' record to receive security incident reports

Subject Alternative Names

90 domains

178.live *.178.live *.manhua.178.live

Other domains in certificate

apgn.eu *.apgn.eu *.ww38.apgn.eu

bellem.xyz *.bellem.xyz *.ww38.bellem.xyz

blusky.ca *.blusky.ca *.citrix.blusky.ca *.owa.blusky.ca

bpf.au *.bpf.au *.starterstory.bpf.au

*.citrix.ldi.com.pl *.demo.ldi.com.pl *.dev.ldi.com.pl ldi.com.pl *.ldi.com.pl *.magento.ldi.com.pl *.ns2.ldi.com.pl *.old.ldi.com.pl *.pop.ldi.com.pl *.shop.ldi.com.pl *.staging.ldi.com.pl *.store.ldi.com.pl *.test.ldi.com.pl *.www.ldi.com.pl

*.blogs.everydayglamfashion.in *.dripzy.everydayglamfashion.in everydayglamfashion.in *.everydayglamfashion.in *.gill.everydayglamfashion.in *.rajveer.everydayglamfashion.in

fandamgo.com *.fandamgo.com *.w.fandamgo.com *.webmail.fandamgo.com *.ww.fandamgo.com *.ww25.fandamgo.com

footlooker.com *.footlooker.com *.image.footlooker.com *.ww10.footlooker.com

*.beta.hajjah.com *.demo.hajjah.com hajjah.com *.hajjah.com *.market.hajjah.com *.ww01.hajjah.com *.ww25.hajjah.com *.ww5.hajjah.com

*.cache1.longerbergerbaskets.com longerbergerbaskets.com *.longerbergerbaskets.com *.random.longerbergerbaskets.com *.ww38.longerbergerbaskets.com

mfactory.club *.mfactory.club *.player.mfactory.club *.prostokvashino.mfactory.club

*.beautiful.robbing.net *.devadmin.robbing.net *.relay1.robbing.net robbing.net *.robbing.net *.ww25.robbing.net

*.comnwww.rwspanking.com *.i.rwspanking.com rwspanking.com *.rwspanking.com

*.hostmaster.vrroomtour.com *.random.vrroomtour.com vrroomtour.com *.vrroomtour.com *.www.vrroomtour.com

winthercom.net *.winthercom.net *.ww25.winthercom.net

*.backend.wuqianka.xyz *.cicd.wuqianka.xyz wuqianka.xyz *.wuqianka.xyz *.ww25.wuqianka.xyz *.ww38.wuqianka.xyz

*.ww25.xtffaz.co xtffaz.co *.xtffaz.co