SSL Certificate Analysis for com.drolle.com - Security Grade & TLS Configuration

Open Cached · just now

79/100 SECURITY SCORE

Certificate Information

Subject

CN=285198.academy

Issuer

C=US, O=Let's Encrypt, CN=R12

Valid From

February 01, 2026

Valid Until

May 02, 2026 81 days

Public Key

RSA 4096 bit Strong

Signature Algorithm

SHA256-RSA

SHA-256 Fingerprint

D8:3F:9A:C4:F8:78:8F:75:B2:C9:71:42:06:AA:F5:80:9F:66:53:37:37:2E:AF:35:39:31:0F:60:47:88:CD:CB

Alternative Names

88 domains

Security Configuration

TLS Protocols

TLS 1.2 TLS 1.3

Forward Secrecy

Supported (Modern clients use PFS)

HTTP Security Headers

Status

Strict-Transport-Security

Missing

Not configured

Content-Security-Policy

Missing

Not configured

X-Frame-Options

Good

SAMEORIGIN

X-Content-Type-Options

Missing

Not configured

Referrer-Policy

Missing

Not configured

Permissions-Policy

Missing

Not configured

Recommendations

• Add Strict-Transport-Security header with max-age of at least 1 year
• Add Content-Security-Policy header to prevent XSS attacks
• Add X-Content-Type-Options: nosniff
• Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
• Consider adding Permissions-Policy to control browser features

CAA Records (Certificate Authority Authorization)

CAA Records

Not Configured (Any CA can issue certificates)

CAA Issues

• No CAA records configured - any CA can issue certificates

Recommendations

• Implement CAA records to restrict which CAs can issue certificates for your domain
• This adds an extra layer of security against unauthorized certificate issuance
• Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
• Consider adding 'iodef' record to receive security incident reports

Subject Alternative Names

88 domains

drolle.com *.drolle.com

Other domains in certificate

285198.academy *.285198.academy

29076.business *.29076.business

2drandgroofing.com *.2drandgroofing.com

44618.pictures *.44618.pictures

55556.boston *.55556.boston

59567.pictures *.59567.pictures

66944.locker *.66944.locker

68526.net *.68526.net

72oe8d.buzz *.72oe8d.buzz

76814.pictures *.76814.pictures

82live.vip *.82live.vip

955jwm301.top *.955jwm301.top

960rpt301.top *.960rpt301.top

965jwm301.top *.965jwm301.top

967yyq301.top *.967yyq301.top

969jwm301.top *.969jwm301.top

970jys301.top *.970jys301.top

99756.net *.99756.net

agrivoltaico.org *.agrivoltaico.org

akdenizsms.com *.akdenizsms.com

alkimedia.com *.alkimedia.com

australianhistory.com.au *.australianhistory.com.au

beesp2p.org *.beesp2p.org

bekirogullari.com *.bekirogullari.com

blastmotorsports.com *.blastmotorsports.com

blueberrymeadow.com *.blueberrymeadow.com

boom-boom-splasher.com *.boom-boom-splasher.com

captcha.com.au *.captcha.com.au

carneroscut.com *.carneroscut.com

christensen-benefits.com *.christensen-benefits.com

christensen-benefits.net *.christensen-benefits.net

christensen-benefitsgroup.com *.christensen-benefitsgroup.com

club408.trading *.club408.trading

codebothq.com *.codebothq.com

cointrendy.com *.cointrendy.com

colourpalette.com.au *.colourpalette.com.au

corena.xyz *.corena.xyz

dholerasirplots.com *.dholerasirplots.com

digitaltechmasterynepal.com *.digitaltechmasterynepal.com

disrupting.org *.disrupting.org

drumming.com.au *.drumming.com.au

drunk-driving-981001072.click *.drunk-driving-981001072.click

e-z.email *.e-z.email