SSL Certificate Analysis for dash.httpatt.com - Security Grade & TLS Configuration

Open Cached · just now

76/100 SECURITY SCORE

Detected Technologies

See all in URL Inspect 1

Let's Encrypt

Certificate Information

Subject

CN=mimarathilive.com

Issuer

C=US, O=Let's Encrypt, CN=R12

Valid From

April 25, 2026

Valid Until

July 24, 2026 78 days

Public Key

RSA 4096 bit Strong

Signature Algorithm

SHA256-RSA

SHA-256 Fingerprint

01:54:A6:D6:BB:2C:35:91:15:0C:AA:9F:0D:D4:89:0A:B1:15:A4:1B:9C:20:15:CC:E8:63:48:62:52:35:C8:0D

Alternative Names

89 domains

Security Configuration

TLS Protocols

TLS 1.2 TLS 1.3

Forward Secrecy

Supported (Modern clients use PFS)

HTTP Security Headers

Status

Strict-Transport-Security

Missing

Not configured

Content-Security-Policy

Missing

Not configured Analyze

Content-Security-Policy-Report-Only

Missing

Not configured Analyze

X-Frame-Options

Missing

Not configured

X-Content-Type-Options

Missing

Not configured

Referrer-Policy

Missing

Not configured

Permissions-Policy

Missing

Not configured

Recommendations

• Add Strict-Transport-Security header with max-age of at least 1 year
• Add Content-Security-Policy header to prevent XSS attacks
• Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
• Add X-Content-Type-Options: nosniff
• Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
• Consider adding Permissions-Policy to control browser features

CAA Records (Certificate Authority Authorization)

CAA Records

Not Configured (Any CA can issue certificates)

CAA Issues

• No CAA records configured - any CA can issue certificates

Recommendations

• Implement CAA records to restrict which CAs can issue certificates for your domain
• This adds an extra layer of security against unauthorized certificate issuance
• Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
• Consider adding 'iodef' record to receive security incident reports

Subject Alternative Names

89 domains

httpatt.com *.httpatt.com *.backend.httpatt.com *.backup.httpatt.com *.blog.httpatt.com *.crm.httpatt.com *.dash.httpatt.com *.demo.httpatt.com *.forums.httpatt.com *.news.httpatt.com *.staging.httpatt.com *.ua.httpatt.com *.web.httpatt.com

Other domains in certificate

*.9d1d8303-926c-4bd9-8f35-629f8f2b6ddd.anphumobile.com *.a.anphumobile.com *.acc.anphumobile.com *.admin.anphumobile.com anphumobile.com *.anphumobile.com *.api.anphumobile.com *.backup.anphumobile.com *.c2fcbbcf-074d-4a77-aa3d-566d33c67c36.anphumobile.com *.cdn.anphumobile.com *.cloud.anphumobile.com *.cpcontacts.anphumobile.com *.dashboard.anphumobile.com *.demo.anphumobile.com *.dev.anphumobile.com *.havbbrds.anphumobile.com *.hostmaster.anphumobile.com *.iduesmvz.anphumobile.com *.imap.anphumobile.com *.m.anphumobile.com *.mail.anphumobile.com *.mailer.anphumobile.com *.marketing.anphumobile.com *.net4bd9-8f35-629f8f2b6ddd.anphumobile.com *.qa.anphumobile.com *.qywkncpcontacts.anphumobile.com *.rd.anphumobile.com *.rdweb.anphumobile.com *.remote.anphumobile.com *.sofypwkr.anphumobile.com *.stg.anphumobile.com *.web.anphumobile.com *.www.anphumobile.com

*.eu.fusions.org fusions.org *.fusions.org *.m.fusions.org

*.epaper.mimarathilive.com *.ex02.mimarathilive.com *.exchange.mimarathilive.com mimarathilive.com *.mimarathilive.com *.wwww.mimarathilive.com

*.6af84c78-2c7d-435f-b690-33e37bcf10f7.nelem360.com *.admin.nelem360.com *.api.nelem360.com *.assets.nelem360.com *.cloud.nelem360.com *.development.nelem360.com *.hdivkgyajpmx0.nelem360.com *.mail.nelem360.com *.mailgw.nelem360.com *.mx0.nelem360.com nelem360.com *.nelem360.com *.rd.nelem360.com *.rdweb.nelem360.com

*.admin.omytu.com *.api.omytu.com *.app.omytu.com *.cloud.omytu.com *.d.omytu.com *.demo.omytu.com *.fm.omytu.com *.hs1.omytu.com *.ik.omytu.com *.o.omytu.com omytu.com *.omytu.com *.portal.omytu.com *.rd.omytu.com *.remote.omytu.com *.sgrrem.omytu.com *.uwq.omytu.com *.vpn.omytu.com *.wdp.omytu.com