SSL Certificate Analysis for cdn-jupiter.com - Security Grade & TLS Configuration

Open Cached · just now

76/100 SECURITY SCORE

Certificate Information

Subject

CN=ravishcouture.com.au

Issuer

C=US, O=Let's Encrypt, CN=R12

Valid From

December 18, 2025

Valid Until

March 18, 2026 34 days

Public Key

RSA 4096 bit Strong

Signature Algorithm

SHA256-RSA

SHA-256 Fingerprint

D9:2B:2D:E7:B9:B2:2A:B5:68:CE:0F:82:3F:29:38:77:E3:3A:28:B2:87:A0:76:50:70:1F:2F:72:B6:70:BB:4A

Alternative Names

90 domains

Security Configuration

TLS Protocols

TLS 1.2 TLS 1.3

Forward Secrecy

Supported (Modern clients use PFS)

HTTP Security Headers

Status

Strict-Transport-Security

Missing

Not configured

Content-Security-Policy

Missing

Not configured

X-Frame-Options

Missing

Not configured

X-Content-Type-Options

Missing

Not configured

Referrer-Policy

Missing

Not configured

Permissions-Policy

Missing

Not configured

Recommendations

• Add Strict-Transport-Security header with max-age of at least 1 year
• Add Content-Security-Policy header to prevent XSS attacks
• Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
• Add X-Content-Type-Options: nosniff
• Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
• Consider adding Permissions-Policy to control browser features

CAA Records (Certificate Authority Authorization)

CAA Records

Not Configured (Any CA can issue certificates)

CAA Issues

• No CAA records configured - any CA can issue certificates

Recommendations

• Implement CAA records to restrict which CAs can issue certificates for your domain
• This adds an extra layer of security against unauthorized certificate issuance
• Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
• Consider adding 'iodef' record to receive security incident reports

Subject Alternative Names

90 domains

cdn-jupiter.com *.cdn-jupiter.com *.d7izxzkm5jvh.cdn-jupiter.com *.qbyrpo83t7d3.cdn-jupiter.com *.qfdjvs9xshtqmeip.cdn-jupiter.com *.ww25.cdn-jupiter.com

Other domains in certificate

backgroundchecks.co *.backgroundchecks.co

bigbadtoystore.co *.bigbadtoystore.co *.random.bigbadtoystore.co *.store.bigbadtoystore.co *.w.bigbadtoystore.co

blcked.com *.blcked.com *.sex.blcked.com *.ww17.blcked.com *.xnxx.blcked.com *.xxx.blcked.com

*.ad.dinespace.com *.by.dinespace.com *.c.dinespace.com dinespace.com *.dinespace.com *.img.dinespace.com *.m.dinespace.com *.panel.dinespace.com *.rz.dinespace.com *.sales.dinespace.com *.sc.dinespace.com

*.comww1.feelingusa.com feelingusa.com *.feelingusa.com *.www.feelingusa.com

intimify.app *.intimify.app

*.agecalculator.jobnewz.club *.classified.jobnewz.club *.contentwriters.jobnewz.club *.contenwriters.jobnewz.club *.drivelink.jobnewz.club *.freemedicalebooks.jobnewz.club jobnewz.club *.jobnewz.club *.onlineapply.jobnewz.club *.physiotherapistinfaisalabad.jobnewz.club *.www.jobnewz.club

linkimiyolla.com *.linkimiyolla.com *.ww25.linkimiyolla.com

*.cdn.livetv80.me livetv80.me *.livetv80.me *.m.livetv80.me *.mmopvww25.livetv80.me *.ww25.livetv80.me *.www.livetv80.me

luminaire.studio *.luminaire.studio

mangabuddy.site *.mangabuddy.site *.mhff2okwb14omquu.mangabuddy.site

my-babysitters-club.com *.my-babysitters-club.com

newbriceplumbing.com.au *.newbriceplumbing.com.au

paidmmoak.live *.paidmmoak.live *.syn-woodle.paidmmoak.live *.ufavbqu.paidmmoak.live

ravishcouture.com.au *.ravishcouture.com.au

*.bezerocarbon.teamtailor.co *.hostmaster.teamtailor.co *.message.teamtailor.co *.na.teamtailor.co *.random.teamtailor.co *.search4s.teamtailor.co teamtailor.co *.teamtailor.co *.ww25.teamtailor.co

thebargebude.co.uk *.thebargebude.co.uk

thelamblongdown.co.uk *.thelamblongdown.co.uk

thepackhorseleeds.co.uk *.thepackhorseleeds.co.uk

waow.co.uk *.waow.co.uk *.ww38.waow.co.uk