SSL Certificate Analysis for bbs.deletme.com - Security Grade & TLS Configuration

Open Cached · just now

76/100 SECURITY SCORE

Certificate Information

Subject

CN=phimnguoilon.xyz

Issuer

C=US, O=Let's Encrypt, CN=R13

Valid From

February 07, 2026

Valid Until

May 08, 2026 89 days

Public Key

RSA 4096 bit Strong

Signature Algorithm

SHA256-RSA

SHA-256 Fingerprint

CC:6A:2A:68:72:BE:A2:5F:3D:DA:C8:B8:A9:44:B6:2B:37:B2:C0:43:9C:87:EC:41:89:0F:3B:98:51:9D:F5:95

Alternative Names

89 domains

Security Configuration

TLS Protocols

TLS 1.2 TLS 1.3

Forward Secrecy

Supported (Modern clients use PFS)

HTTP Security Headers

Status

Strict-Transport-Security

Missing

Not configured

Content-Security-Policy

Missing

Not configured

X-Frame-Options

Missing

Not configured

X-Content-Type-Options

Missing

Not configured

Referrer-Policy

Missing

Not configured

Permissions-Policy

Missing

Not configured

Recommendations

• Add Strict-Transport-Security header with max-age of at least 1 year
• Add Content-Security-Policy header to prevent XSS attacks
• Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
• Add X-Content-Type-Options: nosniff
• Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
• Consider adding Permissions-Policy to control browser features

CAA Records (Certificate Authority Authorization)

CAA Records

Not Configured (Any CA can issue certificates)

CAA Issues

• No CAA records configured - any CA can issue certificates

Recommendations

• Implement CAA records to restrict which CAs can issue certificates for your domain
• This adds an extra layer of security against unauthorized certificate issuance
• Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
• Consider adding 'iodef' record to receive security incident reports

Subject Alternative Names

89 domains

deletme.com *.deletme.com *.bbs.deletme.com *.citrix.deletme.com

Other domains in certificate

desto.it *.desto.it *.gateway.desto.it

*.dashs.f1g.com f1g.com *.f1g.com *.sf1.f1g.com

formula1.net *.formula1.net

*.hsbc.lai942.com lai942.com *.lai942.com

mageslot.com *.mageslot.com *.ww38.mageslot.com

*.demo.menegatto.it menegatto.it *.menegatto.it

*.mail.metanolo.it metanolo.it *.metanolo.it

onestopseeds.com *.onestopseeds.com *.ww25.onestopseeds.com *.ww38.onestopseeds.com

*.cpcalendars.phimnguoilon.xyz *.cpcontacts.phimnguoilon.xyz phimnguoilon.xyz *.phimnguoilon.xyz

*.beta-superset.phimnhanh.tv *.image3.phimnhanh.tv *.m.phimnhanh.tv phimnhanh.tv *.phimnhanh.tv *.sdo.phimnhanh.tv *.ww1.phimnhanh.tv *.ww12.phimnhanh.tv *.ww7.phimnhanh.tv

*.api.pinhei.com pinhei.com *.pinhei.com

*.mail.tattooedtees.com tattooedtees.com *.tattooedtees.com *.webmail.tattooedtees.com

tt400.cn *.tt400.cn *.www.tt400.cn

*.ww38.xxxretrotube.pro xxxretrotube.pro *.xxxretrotube.pro

*.048jz.yptv188.com *.5gxk.yptv188.com *.5mh.yptv188.com *.5oneb.yptv188.com *.5r18wi.yptv188.com *.ba5d.yptv188.com *.c59.yptv188.com *.c637x.yptv188.com *.cce.yptv188.com *.cny.yptv188.com *.ddr.yptv188.com *.dmva5.yptv188.com *.dtkzg7.yptv188.com *.g00.yptv188.com *.kaa.yptv188.com *.l2g2p.yptv188.com *.mal9.yptv188.com *.nbpn.yptv188.com *.ntalker.yptv188.com *.pqc82.yptv188.com *.rgc.yptv188.com *.seybn.yptv188.com *.stvgc.yptv188.com *.tn6hga.yptv188.com *.tu908.yptv188.com *.utq.yptv188.com *.vga.yptv188.com *.w37hl.yptv188.com *.w456.yptv188.com *.w4ick.yptv188.com *.wzwad.yptv188.com *.xbql94.yptv188.com yptv188.com *.yptv188.com