SSL Certificate Analysis for cc.228235.cc - Security Grade & TLS Configuration

Open Cached · just now

76/100 SECURITY SCORE

Detected Technologies

See all in URL Inspect 1

Let's Encrypt

Certificate Information

Subject

CN=54831.my

Issuer

C=US, O=Let's Encrypt, CN=R12

Valid From

April 22, 2026

Valid Until

July 21, 2026 54 days

Public Key

RSA 4096 bit Strong

Signature Algorithm

SHA256-RSA

SHA-256 Fingerprint

30:F3:00:30:B6:1D:AB:DA:BF:43:FC:98:89:84:C6:44:B6:7B:05:97:5F:8A:9C:1C:93:86:43:42:45:4D:91:FD

Alternative Names

90 domains

Security Configuration

TLS Protocols

TLS 1.2 TLS 1.3

Forward Secrecy

Supported (Modern clients use PFS)

HTTP Security Headers

Status

Strict-Transport-Security

Missing

Not configured

Content-Security-Policy

Missing

Not configured Analyze

Content-Security-Policy-Report-Only

Missing

Not configured Analyze

X-Frame-Options

Missing

Not configured

X-Content-Type-Options

Missing

Not configured

Referrer-Policy

Missing

Not configured

Permissions-Policy

Missing

Not configured

Recommendations

• Add Strict-Transport-Security header with max-age of at least 1 year
• Add Content-Security-Policy header to prevent XSS attacks
• Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
• Add X-Content-Type-Options: nosniff
• Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
• Consider adding Permissions-Policy to control browser features

CAA Records (Certificate Authority Authorization)

CAA Records

Not Configured (Any CA can issue certificates)

CAA Issues

• No CAA records configured - any CA can issue certificates

Recommendations

• Implement CAA records to restrict which CAs can issue certificates for your domain
• This adds an extra layer of security against unauthorized certificate issuance
• Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
• Consider adding 'iodef' record to receive security incident reports

Subject Alternative Names

90 domains

228235.cc *.228235.cc

Other domains in certificate

21430.blog *.21430.blog

286786.lol *.286786.lol

2hw.net *.2hw.net

380173.lol *.380173.lol

393858.lol *.393858.lol

425467.lol *.425467.lol

54831.my *.54831.my

54877.my *.54877.my

54923.blog *.54923.blog

54973.my *.54973.my

66126.blog *.66126.blog

688914.lol *.688914.lol

73016.blog *.73016.blog

791423.lol *.791423.lol

825048.lol *.825048.lol

83133.blog *.83133.blog

87558dhc8.cc *.87558dhc8.cc

984014.lol *.984014.lol

agelessbeautydomain.com *.agelessbeautydomain.com

apple-location.center *.apple-location.center

asitreatment.com *.asitreatment.com

bkza498.cc *.bkza498.cc

defi.cfd *.defi.cfd

dragonscityapk.net *.dragonscityapk.net

incubin.com *.incubin.com

moonshadow.studio *.moonshadow.studio

nyu2026.info *.nyu2026.info

nyu2030.info *.nyu2030.info

professionalplates.food *.professionalplates.food

protraveljourney.live *.protraveljourney.live

retromamas.com *.retromamas.com

seekmass.com *.seekmass.com

shoeinsider.shop *.shoeinsider.shop

skiphirecanterbury.com *.skiphirecanterbury.com

slush.live *.slush.live

swissprowater.cn *.swissprowater.cn

theantarvasana.art *.theantarvasana.art

thewellnessarena.com *.thewellnessarena.com

travelvisiontrust.live *.travelvisiontrust.live

triggers.directory *.triggers.directory

tuanqqindobet.com *.tuanqqindobet.com

twotwentyphotosblog.com *.twotwentyphotosblog.com

www978754.cc *.www978754.cc

xn--1sqy11d.com *.xn--1sqy11d.com