SSL Certificate Analysis for dev.attractiveboy.com - Security Grade & TLS Configuration

Open Cached · just now

76/100 SECURITY SCORE

Detected Technologies

See all in URL Inspect 1

Let's Encrypt Active incidents

Certificate Information

Subject

CN=256987.blog

Issuer

C=US, O=Let's Encrypt, CN=R12

Valid From

April 05, 2026

Valid Until

July 04, 2026 53 days

Public Key

RSA 4096 bit Strong

Signature Algorithm

SHA256-RSA

SHA-256 Fingerprint

7E:6B:7E:96:5B:CB:28:42:97:6F:F3:37:DC:DE:C7:27:03:4A:0E:32:4F:0C:5B:DB:07:C9:66:8E:BE:86:E1:97

Alternative Names

90 domains

Security Configuration

TLS Protocols

TLS 1.2 TLS 1.3

Forward Secrecy

Supported (Modern clients use PFS)

HTTP Security Headers

Status

Strict-Transport-Security

Missing

Not configured

Content-Security-Policy

Missing

Not configured Analyze

Content-Security-Policy-Report-Only

Missing

Not configured Analyze

X-Frame-Options

Missing

Not configured

X-Content-Type-Options

Missing

Not configured

Referrer-Policy

Missing

Not configured

Permissions-Policy

Missing

Not configured

Recommendations

• Add Strict-Transport-Security header with max-age of at least 1 year
• Add Content-Security-Policy header to prevent XSS attacks
• Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
• Add X-Content-Type-Options: nosniff
• Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
• Consider adding Permissions-Policy to control browser features

CAA Records (Certificate Authority Authorization)

CAA Records

Not Configured (Any CA can issue certificates)

CAA Issues

• No CAA records configured - any CA can issue certificates

Recommendations

• Implement CAA records to restrict which CAs can issue certificates for your domain
• This adds an extra layer of security against unauthorized certificate issuance
• Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
• Consider adding 'iodef' record to receive security incident reports

Subject Alternative Names

90 domains

attractiveboy.com *.attractiveboy.com

Other domains in certificate

256987.blog *.256987.blog

2kirmiziyememe.com *.2kirmiziyememe.com

380.bet *.380.bet

43066.vip *.43066.vip

7er7pgd.cc *.7er7pgd.cc

agec.xyz *.agec.xyz

amoji.org *.amoji.org

avok.xyz *.avok.xyz

awareness.us *.awareness.us

az5oa0p5yryd.top *.az5oa0p5yryd.top

bangsasuper1.qpon *.bangsasuper1.qpon

batiecorenouvelable.com *.batiecorenouvelable.com

branduga.com *.branduga.com

bsn.org *.bsn.org

cheerfultravelstories.xyz *.cheerfultravelstories.xyz

climatealliancegroup.net *.climatealliancegroup.net

cyclorama.com *.cyclorama.com

dbfdgs.pro *.dbfdgs.pro

drawspiderintervention.cfd *.drawspiderintervention.cfd

dukunrtp.com *.dukunrtp.com

elevoedge.com *.elevoedge.com

farmauctionsnear.com *.farmauctionsnear.com

fitness-apps-s-2025s1.sbs *.fitness-apps-s-2025s1.sbs

fortescue.xyz *.fortescue.xyz

gossipchatbot.com *.gossipchatbot.com

gpptv.com *.gpptv.com

gpt5coins.com *.gpt5coins.com

haijiao99.lol *.haijiao99.lol

hkhbm.co *.hkhbm.co

hypnotherapy.cc *.hypnotherapy.cc

hyss.xyz *.hyss.xyz

jamethoki.biz *.jamethoki.biz

keygatebit.my *.keygatebit.my

kotrave.com *.kotrave.com

kuxqc.app *.kuxqc.app

lazypromo.com *.lazypromo.com

lwin.xyz *.lwin.xyz

metricacozinhas.com *.metricacozinhas.com

n6melve0g0h89o7.fun *.n6melve0g0h89o7.fun

naukari-for-carpenter.sbs *.naukari-for-carpenter.sbs

nextgenandroidstools.com *.nextgenandroidstools.com

noonso.shop *.noonso.shop

northstarapparel.shop *.northstarapparel.shop

nurj.top *.nurj.top