SSL Certificate Analysis for blog.jydbsp.com - Security Grade & TLS Configuration

Open Cached · just now

76/100 SECURITY SCORE

Detected Technologies

See all in URL Inspect 1

Let's Encrypt

Certificate Information

Subject

CN=209645.club

Issuer

C=US, O=Let's Encrypt, CN=R12

Valid From

April 01, 2026

Valid Until

June 30, 2026 65 days

Public Key

RSA 4096 bit Strong

Signature Algorithm

SHA256-RSA

SHA-256 Fingerprint

DD:32:22:FA:A9:CE:06:B7:45:11:4B:42:13:C1:3C:9D:DA:3D:88:75:1B:ED:70:1E:C1:2B:AF:95:AE:81:85:11

Alternative Names

90 domains

Security Configuration

TLS Protocols

TLS 1.2 TLS 1.3

Forward Secrecy

Supported (Modern clients use PFS)

HTTP Security Headers

Status

Strict-Transport-Security

Missing

Not configured

Content-Security-Policy

Missing

Not configured Analyze

Content-Security-Policy-Report-Only

Missing

Not configured Analyze

X-Frame-Options

Missing

Not configured

X-Content-Type-Options

Missing

Not configured

Referrer-Policy

Missing

Not configured

Permissions-Policy

Missing

Not configured

Recommendations

• Add Strict-Transport-Security header with max-age of at least 1 year
• Add Content-Security-Policy header to prevent XSS attacks
• Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
• Add X-Content-Type-Options: nosniff
• Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
• Consider adding Permissions-Policy to control browser features

CAA Records (Certificate Authority Authorization)

CAA Records

Not Configured (Any CA can issue certificates)

CAA Issues

• No CAA records configured - any CA can issue certificates

Recommendations

• Implement CAA records to restrict which CAs can issue certificates for your domain
• This adds an extra layer of security against unauthorized certificate issuance
• Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
• Consider adding 'iodef' record to receive security incident reports

Subject Alternative Names

90 domains

jydbsp.com *.jydbsp.com

Other domains in certificate

209645.club *.209645.club

22389.blog *.22389.blog

2356745.cc *.2356745.cc

271311.club *.271311.club

27460341.vip *.27460341.vip

27977273.vip *.27977273.vip

352554.club *.352554.club

38914.blog *.38914.blog

4f9be7a103168bd5.com *.4f9be7a103168bd5.com

52719.blog *.52719.blog

538504.blog *.538504.blog

5vugitj.cc *.5vugitj.cc

61453.loan *.61453.loan

6636cc1.vip *.6636cc1.vip

68352.pet *.68352.pet

7009d12.cc *.7009d12.cc

721797.blog *.721797.blog

73131.blog *.73131.blog

76521.my *.76521.my

777-cuia777.bet *.777-cuia777.bet

8222633.com *.8222633.com

83575.blog *.83575.blog

8579.org *.8579.org

francinyby.com *.francinyby.com

globalaudiencenet.com *.globalaudiencenet.com

islasicilia.net *.islasicilia.net

kajsavisual.com *.kajsavisual.com

kletteuprkurse.com *.kletteuprkurse.com

scratchcardwinning.quest *.scratchcardwinning.quest

slotplus789.pro *.slotplus789.pro

telefony-na-raty-pl.sbs *.telefony-na-raty-pl.sbs

theapexofchill.com *.theapexofchill.com

titanclick597.shop *.titanclick597.shop

tkbnvi.life *.tkbnvi.life

trailspin.sbs *.trailspin.sbs

twobotsai.com *.twobotsai.com

uniteddirectorysystems.com *.uniteddirectorysystems.com

upcrunchgrouppro.com *.upcrunchgrouppro.com

upcrunchhqspace.com *.upcrunchhqspace.com

upcrunchworksteam.com *.upcrunchworksteam.com

upodaf.direct *.upodaf.direct

vonliebenhausrotts.com *.vonliebenhausrotts.com

vv7198.com *.vv7198.com

vv8137.com *.vv8137.com