SSL Certificate Analysis for daumenhoch.com - Security Grade & TLS Configuration

Open Cached · just now

76/100 SECURITY SCORE

Detected Technologies

See all in URL Inspect 1

Let's Encrypt Active incidents

Certificate Information

Subject

CN=454521.lgbt

Issuer

C=US, O=Let's Encrypt, CN=R13

Valid From

May 11, 2026

Valid Until

August 09, 2026 49 days

Public Key

RSA 4096 bit Strong

Signature Algorithm

SHA256-RSA

SHA-256 Fingerprint

90:7D:B3:CE:03:46:B5:AE:75:E6:A2:B6:4C:5F:44:20:47:BE:60:9D:92:F6:3B:09:C7:59:13:52:63:55:1A:F6

Alternative Names

90 domains

Security Configuration

TLS Protocols

TLS 1.2 TLS 1.3

Forward Secrecy

Supported (Modern clients use PFS)

HTTP Security Headers

Status

Strict-Transport-Security

Missing

Not configured

Content-Security-Policy

Missing

Not configured Analyze

Content-Security-Policy-Report-Only

Missing

Not configured Analyze

X-Frame-Options

Missing

Not configured

X-Content-Type-Options

Missing

Not configured

Referrer-Policy

Missing

Not configured

Permissions-Policy

Missing

Not configured

Recommendations

• Add Strict-Transport-Security header with max-age of at least 1 year
• Add Content-Security-Policy header to prevent XSS attacks
• Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
• Add X-Content-Type-Options: nosniff
• Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
• Consider adding Permissions-Policy to control browser features

CAA Records (Certificate Authority Authorization)

CAA Records

Not Configured (Any CA can issue certificates)

CAA Issues

• No CAA records configured - any CA can issue certificates

Recommendations

• Implement CAA records to restrict which CAs can issue certificates for your domain
• This adds an extra layer of security against unauthorized certificate issuance
• Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
• Consider adding 'iodef' record to receive security incident reports

Subject Alternative Names

90 domains

daumenhoch.com *.daumenhoch.com *.cloud.daumenhoch.com

Other domains in certificate

454511.lgbt *.454511.lgbt

454512.lgbt *.454512.lgbt

454513.lgbt *.454513.lgbt

454514.lgbt *.454514.lgbt

454515.lgbt *.454515.lgbt

454516.lgbt *.454516.lgbt

454518.lgbt *.454518.lgbt

454519.lgbt *.454519.lgbt

454520.lgbt *.454520.lgbt

454521.lgbt *.454521.lgbt

454522.lgbt *.454522.lgbt

454523.lgbt *.454523.lgbt

454525.lgbt *.454525.lgbt

454526.lgbt *.454526.lgbt

454527.lgbt *.454527.lgbt

454528.lgbt *.454528.lgbt

454529.lgbt *.454529.lgbt

454530.lgbt *.454530.lgbt

454532.lgbt *.454532.lgbt

454533.lgbt *.454533.lgbt

4kfuli.co *.4kfuli.co *.analytic.4kfuli.co

afcam.org *.afcam.org

airsoftspring.com *.airsoftspring.com

bailyx.com *.bailyx.com *.proxy.bailyx.com

bosssupplements.site *.bosssupplements.site

contact-look.online *.contact-look.online

createwithprospyre.co *.createwithprospyre.co

dating-ind-3-may.sbs *.dating-ind-3-may.sbs

destinationauthenticity.xyz *.destinationauthenticity.xyz

digitalsupport.uk *.digitalsupport.uk

distinctivecopy.com *.distinctivecopy.com

*.cpcontacts.fabulousfrenchyz.com fabulousfrenchyz.com *.fabulousfrenchyz.com *.millercarusowebmail.fabulousfrenchyz.com *.portal.fabulousfrenchyz.com *.secure.fabulousfrenchyz.com

feelfit.co *.feelfit.co

fmulf.gdn *.fmulf.gdn *.www.fmulf.gdn

kayserisoz.com *.kayserisoz.com *.ww38.kayserisoz.com

positionsoffers.click *.positionsoffers.click

revupprospyre.co *.revupprospyre.co

*.dev.ubcox.art ubcox.art *.ubcox.art

wtw-roblox.com *.wtw-roblox.com