SSL Certificate Analysis for client.colten.net - Security Grade & TLS Configuration

Open Cached · just now

76/100 SECURITY SCORE

Detected Technologies

See all in URL Inspect 1

Let's Encrypt

Certificate Information

Subject

CN=jstv1969.xyz

Issuer

C=US, O=Let's Encrypt, CN=R12

Valid From

February 04, 2026

Valid Until

May 05, 2026 70 days

Public Key

RSA 4096 bit Strong

Signature Algorithm

SHA256-RSA

SHA-256 Fingerprint

6A:A6:24:12:7B:E1:80:B9:4C:E4:55:42:89:F4:C7:A4:7F:74:7C:0A:AD:F1:13:48:86:54:50:58:8A:9F:91:D7

Alternative Names

89 domains

Security Configuration

TLS Protocols

TLS 1.2 TLS 1.3

Forward Secrecy

Supported (Modern clients use PFS)

HTTP Security Headers

Status

Strict-Transport-Security

Missing

Not configured

Content-Security-Policy

Missing

Not configured Analyze

Content-Security-Policy-Report-Only

Missing

Not configured Analyze

X-Frame-Options

Missing

Not configured

X-Content-Type-Options

Missing

Not configured

Referrer-Policy

Missing

Not configured

Permissions-Policy

Missing

Not configured

Recommendations

• Add Strict-Transport-Security header with max-age of at least 1 year
• Add Content-Security-Policy header to prevent XSS attacks
• Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
• Add X-Content-Type-Options: nosniff
• Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
• Consider adding Permissions-Policy to control browser features

CAA Records (Certificate Authority Authorization)

CAA Records

Not Configured (Any CA can issue certificates)

CAA Issues

• No CAA records configured - any CA can issue certificates

Recommendations

• Implement CAA records to restrict which CAs can issue certificates for your domain
• This adds an extra layer of security against unauthorized certificate issuance
• Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
• Consider adding 'iodef' record to receive security incident reports

Subject Alternative Names

89 domains

colten.net *.colten.net *.gateway.colten.net *.hostmaster.colten.net *.ww1.colten.net *.ww25.colten.net

Other domains in certificate

beyoglunumberescort.xyz *.beyoglunumberescort.xyz *.ww38.beyoglunumberescort.xyz

*.ak.epicgamez.com epicgamez.com *.epicgamez.com *.ol.epicgamez.com

*.api.fullbal2.xyz fullbal2.xyz *.fullbal2.xyz *.ww38.fullbal2.xyz

glaziersperth.au *.glaziersperth.au

*.50r8bf.jstv1969.xyz *.58u1wy.jstv1969.xyz *.8jdt9x7.jstv1969.xyz *.8t05ixe.jstv1969.xyz *.8vqnslm.jstv1969.xyz *.ewkg4x.jstv1969.xyz jstv1969.xyz *.jstv1969.xyz *.ww25.jstv1969.xyz *.xobzzo.jstv1969.xyz *.ykyn95.jstv1969.xyz *.ziwei.jstv1969.xyz

lavabi.com *.lavabi.com

*.api.layramoda.xyz *.dev.layramoda.xyz layramoda.xyz *.layramoda.xyz *.m.layramoda.xyz *.members.layramoda.xyz *.random.layramoda.xyz *.sitemaps.layramoda.xyz *.staging.layramoda.xyz *.test.layramoda.xyz *.ww25.layramoda.xyz *.ww38.layramoda.xyz

loismailoujones.com *.loismailoujones.com

magnumfoundation.in *.magnumfoundation.in

mymobiledevice.com *.mymobiledevice.com

narriamo.com *.narriamo.com

*.m.oneofkind.com oneofkind.com *.oneofkind.com *.ww16.oneofkind.com

onfield.com *.onfield.com

oucci.tv *.oucci.tv

panzerottointegrale.com *.panzerottointegrale.com

*.cc.pgnb.bid pgnb.bid *.pgnb.bid

*.lms.theorangecard.com.au theorangecard.com.au *.theorangecard.com.au

truedatingmatch.life *.truedatingmatch.life *.ww25.truedatingmatch.life *.ww38.truedatingmatch.life

underwars.com *.underwars.com *.ww17.underwars.com *.ww38.underwars.com

*.random.wwwpadi.com wwwpadi.com *.wwwpadi.com

*.random.x329.xyz *.ww25.x329.xyz *.ww38.x329.xyz x329.xyz *.x329.xyz

*.ww25.ying99.xyz *.ww38.ying99.xyz ying99.xyz *.ying99.xyz