SSL Certificate Analysis for cap-attack.com - Security Grade & TLS Configuration

Open Cached · just now

76/100 SECURITY SCORE

Detected Technologies

See all in URL Inspect 1

Let's Encrypt Active incidents

Certificate Information

Subject

CN=drehacl.shop

Issuer

C=US, O=Let's Encrypt, CN=R12

Valid From

May 04, 2026

Valid Until

August 02, 2026 37 days

Public Key

RSA 4096 bit Strong

Signature Algorithm

SHA256-RSA

SHA-256 Fingerprint

B5:CC:4E:23:BC:29:C8:1A:B3:54:08:3A:9F:2E:33:5D:0C:9A:D7:7A:D9:70:DE:24:C0:B2:3E:C6:13:5F:FE:83

Alternative Names

90 domains

Security Configuration

TLS Protocols

TLS 1.2 TLS 1.3

Forward Secrecy

Supported (Modern clients use PFS)

HTTP Security Headers

Status

Strict-Transport-Security

Missing

Not configured

Content-Security-Policy

Missing

Not configured Analyze

Content-Security-Policy-Report-Only

Missing

Not configured Analyze

X-Frame-Options

Missing

Not configured

X-Content-Type-Options

Missing

Not configured

Referrer-Policy

Missing

Not configured

Permissions-Policy

Missing

Not configured

Recommendations

• Add Strict-Transport-Security header with max-age of at least 1 year
• Add Content-Security-Policy header to prevent XSS attacks
• Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
• Add X-Content-Type-Options: nosniff
• Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
• Consider adding Permissions-Policy to control browser features

CAA Records (Certificate Authority Authorization)

CAA Records

Not Configured (Any CA can issue certificates)

CAA Issues

• No CAA records configured - any CA can issue certificates

Recommendations

• Implement CAA records to restrict which CAs can issue certificates for your domain
• This adds an extra layer of security against unauthorized certificate issuance
• Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
• Consider adding 'iodef' record to receive security incident reports

Subject Alternative Names

90 domains

cap-attack.com *.cap-attack.com *.b2bb900731d7.cap-attack.com

Other domains in certificate

asno.it *.asno.it

*.32.betist1400.com *.bet.betist1400.com betist1400.com *.betist1400.com *.cdn.betist1400.com *.cesia-api.betist1400.com *.uat.betist1400.com

*.docs.drehacl.shop drehacl.shop *.drehacl.shop *.my.drehacl.shop

easysimpleloan.com *.easysimpleloan.com *.email.easysimpleloan.com

*.admin.haibe.com *.api.haibe.com *.app.haibe.com *.blog.haibe.com *.demo.haibe.com *.drive.haibe.com haibe.com *.haibe.com *.hostmaster.haibe.com *.m.haibe.com *.mail2.haibe.com *.t.haibe.com *.ww1.haibe.com *.ww16.haibe.com *.ww17.haibe.com *.ww38.haibe.com

kontuz.org *.kontuz.org

naulibrary.org *.naulibrary.org *.ww1.naulibrary.org *.ww16.naulibrary.org *.ww35.naulibrary.org *.ww38.naulibrary.org

petstores.eu *.petstores.eu

security-cameras-sg.sbs *.security-cameras-sg.sbs

*.letsflybd.skootiegames.com skootiegames.com *.skootiegames.com *.webdisk.skootiegames.com *.www.skootiegames.com

smari-cocinabar.com *.smari-cocinabar.com

*.api.starweb.app *.app.starweb.app *.dev.starweb.app *.secure.starweb.app *.staging.starweb.app starweb.app *.starweb.app *.stg.starweb.app *.v1.starweb.app *.vukbtjhx.starweb.app *.ycq3x5.starweb.app

*.baf73844-282e-448d-96c2-111ae42bffb6.tablinn.com *.hostmaster.tablinn.com *.sitemaps.tablinn.com tablinn.com *.tablinn.com

toy-rider.com *.toy-rider.com

*.analytic.viessmann.academy *.dash.viessmann.academy *.dev.viessmann.academy *.insight.viessmann.academy *.marketing.viessmann.academy *.preview.viessmann.academy *.superset.viessmann.academy viessmann.academy *.viessmann.academy *.vitomax.viessmann.academy

*.gallery.wholemelts.com *.live.wholemelts.com *.marketing.wholemelts.com *.online.wholemelts.com *.users.wholemelts.com wholemelts.com *.wholemelts.com *.ww25.wholemelts.com