SSL Certificate Analysis for dev.arizonatshirt.com - Security Grade & TLS Configuration

Open Cached · just now

76/100 SECURITY SCORE

Detected Technologies

See all in URL Inspect 1

Let's Encrypt

Certificate Information

Subject

CN=reqh.com

Issuer

C=US, O=Let's Encrypt, CN=R12

Valid From

February 02, 2026

Valid Until

May 03, 2026 74 days

Public Key

RSA 4096 bit Strong

Signature Algorithm

SHA256-RSA

SHA-256 Fingerprint

BE:24:05:6B:00:2C:76:E8:9F:E4:DC:8F:8A:F5:F6:CE:1B:BD:D8:5D:11:CD:9C:58:B9:C6:22:68:68:1E:79:C2

Alternative Names

90 domains

Security Configuration

TLS Protocols

TLS 1.2 TLS 1.3

Forward Secrecy

Supported (Modern clients use PFS)

HTTP Security Headers

Status

Strict-Transport-Security

Missing

Not configured

Content-Security-Policy

Missing

Not configured Analyze

Content-Security-Policy-Report-Only

Missing

Not configured Analyze

X-Frame-Options

Missing

Not configured

X-Content-Type-Options

Missing

Not configured

Referrer-Policy

Missing

Not configured

Permissions-Policy

Missing

Not configured

Recommendations

• Add Strict-Transport-Security header with max-age of at least 1 year
• Add Content-Security-Policy header to prevent XSS attacks
• Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
• Add X-Content-Type-Options: nosniff
• Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
• Consider adding Permissions-Policy to control browser features

CAA Records (Certificate Authority Authorization)

CAA Records

Not Configured (Any CA can issue certificates)

CAA Issues

• No CAA records configured - any CA can issue certificates

Recommendations

• Implement CAA records to restrict which CAs can issue certificates for your domain
• This adds an extra layer of security against unauthorized certificate issuance
• Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
• Consider adding 'iodef' record to receive security incident reports

Subject Alternative Names

90 domains

arizonatshirt.com *.arizonatshirt.com

Other domains in certificate

*.01.2025.bio *.02.2025.bio *.03.2025.bio *.04.2025.bio *.05.2025.bio *.06.2025.bio *.07.2025.bio *.08.2025.bio *.09.2025.bio *.10.2025.bio *.11.2025.bio *.12.2025.bio *.19.2025.bio 2025.bio *.2025.bio *.3.2025.bio *.4.2025.bio *.5.2025.bio *.7.2025.bio *.9.2025.bio *.www.2025.bio

6u992q.xyz *.6u992q.xyz *.ww25.6u992q.xyz *.ww38.6u992q.xyz

*.aeva.afn.au afn.au *.afn.au *.eaf.afn.au *.nativeplants-canberra.afn.au *.usor.afn.au

arifuzzaman.com *.arifuzzaman.com

aromascience.com *.aromascience.com

asemena.com *.asemena.com

aspres.com *.aspres.com

beecee-decision.com *.beecee-decision.com

beenhouwer.com *.beenhouwer.com

conceit-e-deals.xyz *.conceit-e-deals.xyz *.ww25.conceit-e-deals.xyz *.ww38.conceit-e-deals.xyz

genvr.online *.genvr.online *.random.genvr.online *.ww38.genvr.online

hunchtheatre.org *.hunchtheatre.org *.ww38.hunchtheatre.org

*.d.meetportal3.xyz *.dev.meetportal3.xyz *.mail.meetportal3.xyz meetportal3.xyz *.meetportal3.xyz

modiis.online *.modiis.online *.ww25.modiis.online

mountgambiernews.com.au *.mountgambiernews.com.au *.ww16.mountgambiernews.com.au

*.api.muwifi.com muwifi.com *.muwifi.com *.random.muwifi.com *.ww.muwifi.com *.ww25.muwifi.com *.ww38.muwifi.com

*.api.odysiimi.com odysiimi.com *.odysiimi.com

porbhat.com *.porbhat.com *.users.porbhat.com

*.random.reqh.com reqh.com *.reqh.com *.ww38.reqh.com

setiawan.store *.setiawan.store *.v.setiawan.store

wandagaoduan22.store *.wandagaoduan22.store *.ww25.wandagaoduan22.store