SSL Certificate Analysis for connect.lean-body.com - Security Grade & TLS Configuration

Open Cached · just now

76/100 SECURITY SCORE

Detected Technologies

See all in URL Inspect 1

Let's Encrypt

Certificate Information

Subject

CN=180377.co

Issuer

C=US, O=Let's Encrypt, CN=R12

Valid From

May 26, 2026

Valid Until

August 24, 2026 71 days

Public Key

RSA 4096 bit Strong

Signature Algorithm

SHA256-RSA

SHA-256 Fingerprint

16:7D:3B:84:78:5F:2A:08:F8:65:02:3F:76:6B:26:C8:A3:ED:34:FB:13:E2:9B:5A:CF:D2:C6:E9:20:E9:52:CF

Alternative Names

90 domains

Security Configuration

TLS Protocols

TLS 1.2 TLS 1.3

Forward Secrecy

Supported (Modern clients use PFS)

HTTP Security Headers

Status

Strict-Transport-Security

Missing

Not configured

Content-Security-Policy

Missing

Not configured Analyze

Content-Security-Policy-Report-Only

Missing

Not configured Analyze

X-Frame-Options

Missing

Not configured

X-Content-Type-Options

Missing

Not configured

Referrer-Policy

Missing

Not configured

Permissions-Policy

Missing

Not configured

Recommendations

• Add Strict-Transport-Security header with max-age of at least 1 year
• Add Content-Security-Policy header to prevent XSS attacks
• Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
• Add X-Content-Type-Options: nosniff
• Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
• Consider adding Permissions-Policy to control browser features

CAA Records (Certificate Authority Authorization)

CAA Records

Not Configured (Any CA can issue certificates)

CAA Issues

• No CAA records configured - any CA can issue certificates

Recommendations

• Implement CAA records to restrict which CAs can issue certificates for your domain
• This adds an extra layer of security against unauthorized certificate issuance
• Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
• Consider adding 'iodef' record to receive security incident reports

Subject Alternative Names

90 domains

lean-body.com *.lean-body.com

Other domains in certificate

180377.co *.180377.co

30353.pro *.30353.pro

30695.buzz *.30695.buzz

30696.my *.30696.my

30736.buzz *.30736.buzz

31302.town *.31302.town

31871.casa *.31871.casa

67400.vip *.67400.vip

697572.xyz *.697572.xyz

836out.top *.836out.top

93527.pro *.93527.pro

93rng5kx.xyz *.93rng5kx.xyz

96861.vip *.96861.vip

98177.one *.98177.one

addiction-clinic-services-hl02.click *.addiction-clinic-services-hl02.click

adella.digital *.adella.digital

ailinh.com *.ailinh.com

an99.ws *.an99.ws

birdtravelkit.com *.birdtravelkit.com

birdtravelkit.info *.birdtravelkit.info

bkpeaxe774.vip *.bkpeaxe774.vip

c23m9y4re.top *.c23m9y4re.top

crowco.com *.crowco.com

delhiflooring.com *.delhiflooring.com

desenvolvedor.dev *.desenvolvedor.dev

duralastfloorcoatingssedalia.com *.duralastfloorcoatingssedalia.com

france-people.com *.france-people.com

h38v2n7ud.top *.h38v2n7ud.top

h74n7e7pa.top *.h74n7e7pa.top

htsdx.work *.htsdx.work

ikjtpe.app *.ikjtpe.app

lexunityup.com *.lexunityup.com

n62am.com *.n62am.com

netflixmena.com *.netflixmena.com

resagricosc.it.com *.resagricosc.it.com

reseed.org *.reseed.org

resilientfitfocus.run *.resilientfitfocus.run

resilink.co *.resilink.co

resourcefultravelpro.live *.resourcefultravelpro.live

reviewcentr-zone.com *.reviewcentr-zone.com

s5pg26.cyou *.s5pg26.cyou

veumu.cn *.veumu.cn

vgkmi.gdn *.vgkmi.gdn

vipbnq.cc *.vipbnq.cc