SSL Certificate Analysis for bodyelastic.com - Security Grade & TLS Configuration

Detected Technologies

See all in URL Inspect 1

Let's Encrypt

Certificate Information

Subject

CN=bodyelastic.com

Issuer

C=US, O=Let's Encrypt, CN=R13

Valid From

February 05, 2026

Valid Until

May 06, 2026 81 days

Public Key

RSA 4096 bit Strong

Signature Algorithm

SHA256-RSA

SHA-256 Fingerprint

14:92:AF:56:C3:3E:C9:8B:86:F2:11:50:8A:3B:4A:A0:0A:21:0E:FC:66:1E:17:A3:69:B1:E7:90:CC:58:25:B9

Alternative Names

89 domains

Security Configuration

TLS Protocols

TLS 1.2 TLS 1.3

Forward Secrecy

Supported (Modern clients use PFS)

HTTP Security Headers

Status

Strict-Transport-Security

Missing

Not configured

Content-Security-Policy

Missing

Not configured

X-Frame-Options

Missing

Not configured

X-Content-Type-Options

Missing

Not configured

Referrer-Policy

Missing

Not configured

Permissions-Policy

Missing

Not configured

Recommendations

• Add Strict-Transport-Security header with max-age of at least 1 year
• Add Content-Security-Policy header to prevent XSS attacks
• Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
• Add X-Content-Type-Options: nosniff
• Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
• Consider adding Permissions-Policy to control browser features

CAA Records (Certificate Authority Authorization)

CAA Records

Not Configured (Any CA can issue certificates)

CAA Issues

• No CAA records configured - any CA can issue certificates

Recommendations

• Implement CAA records to restrict which CAs can issue certificates for your domain
• This adds an extra layer of security against unauthorized certificate issuance
• Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
• Consider adding 'iodef' record to receive security incident reports

Subject Alternative Names

89 domains

bodyelastic.com *.bodyelastic.com *.sitemaps.bodyelastic.com

Other domains in certificate

1-1-1-1.my *.1-1-1-1.my *.com.1-1-1-1.my *.freemium-point.1-1-1-1.my *.id.1-1-1-1.my

*.6rang.dastgiri.com *.abantribunal.dastgiri.com dastgiri.com *.dastgiri.com *.facesofcrime.dastgiri.com *.jfingo.dastgiri.com *.justice-beyond-borders.dastgiri.com *.justice4iran.dastgiri.com *.justiceforiran.dastgiri.com *.painscapes.dastgiri.com *.stolenlands.dastgiri.com *.webmail.dastgiri.com

*.ci.deltadentalol.com deltadentalol.com *.deltadentalol.com *.ww25.deltadentalol.com

h2j5jbb67a.top *.h2j5jbb67a.top *.ww17.h2j5jbb67a.top

honeyhillfaralya.com *.honeyhillfaralya.com *.tr.honeyhillfaralya.com *.ww25.honeyhillfaralya.com

rclothes.com *.rclothes.com *.ww11.rclothes.com *.ww17.rclothes.com

*.com.schieder.com *.remote.schieder.com *.remote2.schieder.com schieder.com *.schieder.com *.ssl.schieder.com *.sslvpn3.schieder.com *.ww16.schieder.com

*.6bf6a4b8-3b7b-423b-8c61-b8432ffdab10.sexxmex.com *.admin.sexxmex.com *.api.sexxmex.com *.app.sexxmex.com *.bbs.sexxmex.com *.checkout.sexxmex.com *.cloud.sexxmex.com *.construtor.sexxmex.com *.dev.sexxmex.com *.es.sexxmex.com *.home.sexxmex.com *.hostmaster.sexxmex.com *.m.sexxmex.com *.magento.sexxmex.com *.media.sexxmex.com *.mobile.sexxmex.com *.news.sexxmex.com *.novo.sexxmex.com *.qwww.sexxmex.com *.rd.sexxmex.com *.rds.sexxmex.com *.remote.sexxmex.com *.services.sexxmex.com sexxmex.com *.sexxmex.com *.shop.sexxmex.com *.stepsis.sexxmex.com *.vpn.sexxmex.com *.wap.sexxmex.com *.web.sexxmex.com *.webmail.sexxmex.com *.ww.sexxmex.com *.www.sexxmex.com *.wwww.sexxmex.com *.xxx.sexxmex.com

*.blog.sync44.com sync44.com *.sync44.com

*.gywjiww25.urinal.online urinal.online *.urinal.online *.ww38.urinal.online

*.remote.wwwsallie.com *.v1.wwwsallie.com wwwsallie.com *.wwwsallie.com