SSL Certificate Analysis for brushcolors.click - Security Grade & TLS Configuration

Open Cached · just now

76/100 SECURITY SCORE

Detected Technologies

See all in URL Inspect 1

Let's Encrypt

Certificate Information

Subject

CN=stardust.cloud

Issuer

C=US, O=Let's Encrypt, CN=R13

Valid From

May 13, 2026

Valid Until

August 11, 2026 62 days

Public Key

RSA 4096 bit Strong

Signature Algorithm

SHA256-RSA

SHA-256 Fingerprint

47:4C:05:06:D3:97:59:BD:CB:BC:A0:21:4E:32:C2:81:D5:71:D6:1E:16:26:28:49:F8:09:FF:D8:21:AD:0E:27

Alternative Names

90 domains

Security Configuration

TLS Protocols

TLS 1.2 TLS 1.3

Forward Secrecy

Supported (Modern clients use PFS)

HTTP Security Headers

Status

Strict-Transport-Security

Missing

Not configured

Content-Security-Policy

Missing

Not configured Analyze

Content-Security-Policy-Report-Only

Missing

Not configured Analyze

X-Frame-Options

Missing

Not configured

X-Content-Type-Options

Missing

Not configured

Referrer-Policy

Missing

Not configured

Permissions-Policy

Missing

Not configured

Recommendations

• Add Strict-Transport-Security header with max-age of at least 1 year
• Add Content-Security-Policy header to prevent XSS attacks
• Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
• Add X-Content-Type-Options: nosniff
• Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
• Consider adding Permissions-Policy to control browser features

CAA Records (Certificate Authority Authorization)

CAA Records

Not Configured (Any CA can issue certificates)

CAA Issues

• No CAA records configured - any CA can issue certificates

Recommendations

• Implement CAA records to restrict which CAs can issue certificates for your domain
• This adds an extra layer of security against unauthorized certificate issuance
• Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
• Consider adding 'iodef' record to receive security incident reports

Subject Alternative Names

90 domains

brushcolors.click *.brushcolors.click *.nim7fn.brushcolors.click

Other domains in certificate

116015.lol *.116015.lol *.s31rz8.116015.lol

4huwan.website *.4huwan.website *.laravel.4huwan.website *.random.4huwan.website

56789b.top *.56789b.top *.8d20zo.56789b.top *.95vhx.56789b.top *.fcvkr.56789b.top *.g89kw.56789b.top *.he00g.56789b.top *.l0r4m.56789b.top *.nslow.56789b.top *.o1ghs.56789b.top *.qpuov.56789b.top *.s28s9.56789b.top *.xbh6h.56789b.top *.z4r76.56789b.top *.zyu43.56789b.top

accreditedprogramsclasses-courses.click *.accreditedprogramsclasses-courses.click *.ww38.accreditedprogramsclasses-courses.click

*.2a68fc47-e1c6-4405-9dc1-dccf24d5d680.appsai.app *.9416a043-ffac-4d81-a290-d86aeb24754a.appsai.app *.account.appsai.app *.aodozmembers.appsai.app *.api.appsai.app *.app.appsai.app appsai.app *.appsai.app *.blog.appsai.app *.cdn.appsai.app *.dev.appsai.app *.e857e24d-982d-4de5-a941-4652a63e04cd.appsai.app *.en.appsai.app *.iepyclrn.appsai.app *.mail.appsai.app *.members.appsai.app *.obzfppress.appsai.app *.press.appsai.app *.test.appsai.app *.www.appsai.app *.zwqkorud.appsai.app

chinese4less.com *.chinese4less.com *.jigcqp.chinese4less.com

marksman.academy *.marksman.academy *.s5dfbj.marksman.academy

*.9f063c59-65ea-4c4f-94d6-2c5f038aa45f.nutellacoklat1.click nutellacoklat1.click *.nutellacoklat1.click *.ww38.nutellacoklat1.click

*.fachhandel.oldboston.com oldboston.com *.oldboston.com *.rd.oldboston.com

positionamplifyycrown.info *.positionamplifyycrown.info *.s2n6f7.positionamplifyycrown.info

*.s2s69x.situs-sulap338.lol situs-sulap338.lol *.situs-sulap338.lol

*.s6b6g1.stardust.cloud stardust.cloud *.stardust.cloud

*.mail.strategicsourcingconsultltd.com strategicsourcingconsultltd.com *.strategicsourcingconsultltd.com *.webmail.strategicsourcingconsultltd.com

*.aging.submcp.tech submcp.tech *.submcp.tech

*.dashboard.t-m.app t-m.app *.t-m.app

*.nndig1.thaimobilephone.com thaimobilephone.com *.thaimobilephone.com

*.random.tulenkodmd.com tulenkodmd.com *.tulenkodmd.com *.ww16.tulenkodmd.com *.ww38.tulenkodmd.com