SSL Certificate Analysis for bigdata.stashbox.site - Security Grade & TLS Configuration

Open Cached · just now

76/100 SECURITY SCORE

Detected Technologies

See all in URL Inspect 1

Let's Encrypt

Certificate Information

Subject

CN=otaexpress.com

Issuer

C=US, O=Let's Encrypt, CN=R12

Valid From

April 25, 2026

Valid Until

July 24, 2026 64 days

Public Key

RSA 4096 bit Strong

Signature Algorithm

SHA256-RSA

SHA-256 Fingerprint

08:28:70:FB:68:DD:DA:35:3E:B2:11:3B:AB:D3:7E:21:91:41:FD:FE:F9:65:27:27:89:1C:A3:F9:50:C2:1B:F8

Alternative Names

90 domains

Security Configuration

TLS Protocols

TLS 1.2 TLS 1.3

Forward Secrecy

Supported (Modern clients use PFS)

HTTP Security Headers

Status

Strict-Transport-Security

Missing

Not configured

Content-Security-Policy

Missing

Not configured Analyze

Content-Security-Policy-Report-Only

Missing

Not configured Analyze

X-Frame-Options

Missing

Not configured

X-Content-Type-Options

Missing

Not configured

Referrer-Policy

Missing

Not configured

Permissions-Policy

Missing

Not configured

Recommendations

• Add Strict-Transport-Security header with max-age of at least 1 year
• Add Content-Security-Policy header to prevent XSS attacks
• Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
• Add X-Content-Type-Options: nosniff
• Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
• Consider adding Permissions-Policy to control browser features

CAA Records (Certificate Authority Authorization)

CAA Records

Not Configured (Any CA can issue certificates)

CAA Issues

• No CAA records configured - any CA can issue certificates

Recommendations

• Implement CAA records to restrict which CAs can issue certificates for your domain
• This adds an extra layer of security against unauthorized certificate issuance
• Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
• Consider adding 'iodef' record to receive security incident reports

Subject Alternative Names

90 domains

stashbox.site *.stashbox.site *.6.stashbox.site *.admin.stashbox.site *.analytics.stashbox.site *.analyze.stashbox.site *.bi.stashbox.site *.bigdata.stashbox.site *.ci.stashbox.site *.cicd.stashbox.site *.data.stashbox.site *.demo.stashbox.site *.forecast.stashbox.site *.intel.stashbox.site *.intelligence.stashbox.site *.metric.stashbox.site *.metrics.stashbox.site *.preprod.stashbox.site *.reporting.stashbox.site *.reports.stashbox.site *.research.stashbox.site *.ssl.stashbox.site *.superset.stashbox.site *.supersets.stashbox.site *.ww25.stashbox.site *.ww6.stashbox.site

Other domains in certificate

0772cz.com *.0772cz.com *.hostmaster.0772cz.com *.m.0772cz.com *.vpn.0772cz.com

baybreezehomes.com *.baybreezehomes.com *.mail.baybreezehomes.com *.remote.baybreezehomes.com *.webmail.baybreezehomes.com *.www.baybreezehomes.com

faalchi.com *.faalchi.com *.staging.faalchi.com

katies.club *.katies.club

*.73c33325-b2a3-4ecc-9ddc-ad087283310c.laso88.click *.dyb254.laso88.click laso88.click *.laso88.click

*.dan.lootek.com lootek.com *.lootek.com

*.kitchen.mcgees.com mcgees.com *.mcgees.com *.www.mcgees.com

nucomfortsupplyinc.de *.nucomfortsupplyinc.de

otaexpress.com *.otaexpress.com *.webdisk.otaexpress.com

*.analytic.socrazy.it *.analytics.socrazy.it *.app.socrazy.it *.bi.socrazy.it *.chart.socrazy.it *.dashboard.socrazy.it *.demo.socrazy.it *.dev.socrazy.it *.intelligence.socrazy.it *.poc.socrazy.it *.report.socrazy.it *.research.socrazy.it socrazy.it *.socrazy.it *.staging.socrazy.it *.status.socrazy.it *.summary.socrazy.it *.superset.socrazy.it *.supersets.socrazy.it

sologamous.org *.sologamous.org *.www.sologamous.org

*.random.thetravellingpeople.com thetravellingpeople.com *.thetravellingpeople.com

*.com.ukex.net *.net.ukex.net *.remote.ukex.net *.ssl.ukex.net *.sslvpn.ukex.net ukex.net *.ukex.net