SSL Certificate Analysis for choses.com - Security Grade & TLS Configuration

Open Cached · just now

76/100 SECURITY SCORE

Detected Technologies

See all in URL Inspect 1

Let's Encrypt

Certificate Information

Subject

CN=ripponlea.com.au

Issuer

C=US, O=Let's Encrypt, CN=R12

Valid From

December 26, 2025

Valid Until

March 26, 2026 30 days

Public Key

RSA 4096 bit Strong

Signature Algorithm

SHA256-RSA

SHA-256 Fingerprint

CE:1A:4C:43:FE:95:06:61:A8:3B:4C:2F:95:28:74:9C:B3:2D:68:0A:B5:1B:65:A4:64:B4:C7:DD:23:89:14:D1

Alternative Names

90 domains

Security Configuration

TLS Protocols

TLS 1.2 TLS 1.3

Forward Secrecy

Supported (Modern clients use PFS)

HTTP Security Headers

Status

Strict-Transport-Security

Missing

Not configured

Content-Security-Policy

Missing

Not configured Analyze

Content-Security-Policy-Report-Only

Missing

Not configured Analyze

X-Frame-Options

Missing

Not configured

X-Content-Type-Options

Missing

Not configured

Referrer-Policy

Missing

Not configured

Permissions-Policy

Missing

Not configured

Recommendations

• Add Strict-Transport-Security header with max-age of at least 1 year
• Add Content-Security-Policy header to prevent XSS attacks
• Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
• Add X-Content-Type-Options: nosniff
• Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
• Consider adding Permissions-Policy to control browser features

CAA Records (Certificate Authority Authorization)

CAA Records

Not Configured (Any CA can issue certificates)

CAA Issues

• No CAA records configured - any CA can issue certificates

Recommendations

• Implement CAA records to restrict which CAs can issue certificates for your domain
• This adds an extra layer of security against unauthorized certificate issuance
• Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
• Consider adding 'iodef' record to receive security incident reports

Subject Alternative Names

90 domains

choses.com *.choses.com *.lchydraul.choses.com *.lchydrauli.choses.com *.mvideo.choses.com *.petit.choses.com *.rustore.choses.com *.wildcard.choses.com *.ww16.choses.com *.ww25.choses.com

Other domains in certificate

*.4f4db83126e573a2.666mom.top 666mom.top *.666mom.top *.66m.666mom.top *.78m.666mom.top *.heepv2.666mom.top *.v1.666mom.top *.v2.666mom.top *.w98.666mom.top *.ww16.666mom.top

*.92gli.drrotsaertdeleeuw.be *.av1g.drrotsaertdeleeuw.be drrotsaertdeleeuw.be *.drrotsaertdeleeuw.be *.e7xyg.drrotsaertdeleeuw.be *.random.drrotsaertdeleeuw.be *.so8o4.drrotsaertdeleeuw.be *.yskt9.drrotsaertdeleeuw.be

florenceaccommodation.com.au *.florenceaccommodation.com.au

*.at.ihe.au ihe.au *.ihe.au

*.admin.makebtc.co *.analytics.makebtc.co *.crm.makebtc.co *.lime.makebtc.co *.mail.makebtc.co makebtc.co *.makebtc.co *.mmsclytics.makebtc.co *.sitemap.makebtc.co *.sitemaps.makebtc.co *.speedycrm.makebtc.co

meteoserver.cz *.meteoserver.cz

ripponlea.com.au *.ripponlea.com.au

sofi.bet *.sofi.bet

visitorvisa.au *.visitorvisa.au *.ww38.visitorvisa.au *.www.visitorvisa.au

*.admin.vkmp3.org *.affiliates.vkmp3.org *.api.vkmp3.org *.app.vkmp3.org *.atlassian.vkmp3.org *.confluence.vkmp3.org *.dev.vkmp3.org *.dl2.vkmp3.org *.dl3.vkmp3.org *.dl4.vkmp3.org *.dl5.vkmp3.org *.dl6.vkmp3.org *.dl7.vkmp3.org *.dl8.vkmp3.org *.download.vkmp3.org *.hlus.vkmp3.org *.home.vkmp3.org *.hostmaster.vkmp3.org *.mobile.vkmp3.org *.music.vkmp3.org *.ns1.vkmp3.org *.ns2.vkmp3.org *.root.vkmp3.org *.swagger.vkmp3.org *.syn.vkmp3.org *.test.vkmp3.org *.vk.vkmp3.org vkmp3.org *.vkmp3.org *.vpn.vkmp3.org *.wap.vkmp3.org *.webmail.vkmp3.org *.woman.vkmp3.org *.ww.vkmp3.org

xn--gehirnerschterung-d3b.de *.xn--gehirnerschterung-d3b.de