SSL Certificate Analysis for bettervalue.in - Security Grade & TLS Configuration

Open Cached · just now

76/100 SECURITY SCORE

Detected Technologies

See all in URL Inspect 1

Let's Encrypt

Certificate Information

Subject

CN=30271.town

Issuer

C=US, O=Let's Encrypt, CN=R12

Valid From

May 26, 2026

Valid Until

August 24, 2026 75 days

Public Key

RSA 4096 bit Strong

Signature Algorithm

SHA256-RSA

SHA-256 Fingerprint

03:06:C2:FF:3C:96:AE:04:8A:19:23:57:39:08:1A:1D:DE:DE:A2:1F:FF:20:6C:98:3E:25:12:85:43:2D:23:2C

Alternative Names

90 domains

Security Configuration

TLS Protocols

TLS 1.2 TLS 1.3

Forward Secrecy

Supported (Modern clients use PFS)

HTTP Security Headers

Status

Strict-Transport-Security

Missing

Not configured

Content-Security-Policy

Missing

Not configured Analyze

Content-Security-Policy-Report-Only

Missing

Not configured Analyze

X-Frame-Options

Missing

Not configured

X-Content-Type-Options

Missing

Not configured

Referrer-Policy

Missing

Not configured

Permissions-Policy

Missing

Not configured

Recommendations

• Add Strict-Transport-Security header with max-age of at least 1 year
• Add Content-Security-Policy header to prevent XSS attacks
• Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
• Add X-Content-Type-Options: nosniff
• Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
• Consider adding Permissions-Policy to control browser features

CAA Records (Certificate Authority Authorization)

CAA Records

Not Configured (Any CA can issue certificates)

CAA Issues

• No CAA records configured - any CA can issue certificates

Recommendations

• Implement CAA records to restrict which CAs can issue certificates for your domain
• This adds an extra layer of security against unauthorized certificate issuance
• Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
• Consider adding 'iodef' record to receive security incident reports

Subject Alternative Names

90 domains

bettervalue.in *.bettervalue.in

Other domains in certificate

205016.xyz *.205016.xyz

30271.town *.30271.town

334952.com *.334952.com

43198.my *.43198.my

43509.my *.43509.my

439503.co *.439503.co

49128.casa *.49128.casa

5280thrift.com *.5280thrift.com

557722jj.cc *.557722jj.cc

58589.my *.58589.my

611.tv *.611.tv

627539.cc *.627539.cc

66088.one *.66088.one

7b6qbj6b.world *.7b6qbj6b.world

82537.locker *.82537.locker

90465.xyz *.90465.xyz

962837.world *.962837.world

abstractmath.com *.abstractmath.com

acnelift.com *.acnelift.com

aianalyse.click *.aianalyse.click

aidcenters.com *.aidcenters.com

aifipayment.show *.aifipayment.show

aigpto.com *.aigpto.com

akooralive.com *.akooralive.com

appsvr47.com *.appsvr47.com

ariahir.com *.ariahir.com

athverse.art *.athverse.art

b33yhd.com *.b33yhd.com

baoyu.pics *.baoyu.pics

bbet.digital *.bbet.digital

bbtunggul.site *.bbtunggul.site

beddertogether.com *.beddertogether.com

byrna-it.com *.byrna-it.com

califunia.com *.califunia.com

careergrowthadvisory.live *.careergrowthadvisory.live

cobraplanet.com *.cobraplanet.com

d76t6b1us.top *.d76t6b1us.top

demarcopartners.com *.demarcopartners.com

fordautomontegiove.it *.fordautomontegiove.it

glonmezira.sbs *.glonmezira.sbs

holisticfitimpact.club *.holisticfitimpact.club

mgmgrandmarket.cyou *.mgmgrandmarket.cyou

n16c.shop *.n16c.shop

ok6152.cc *.ok6152.cc