SSL Certificate Analysis for dev.bosswin4d.click - Security Grade & TLS Configuration

Detected Technologies

See all in URL Inspect 1

Let's Encrypt

Certificate Information

Subject

CN=fine-happy.click

Issuer

C=US, O=Let's Encrypt, CN=R12

Valid From

January 10, 2026

Valid Until

April 10, 2026 55 days

Public Key

RSA 4096 bit Strong

Signature Algorithm

SHA256-RSA

SHA-256 Fingerprint

41:92:FF:33:DD:67:77:64:A4:A3:41:0F:AE:2C:E6:F8:A2:7A:03:00:48:D4:EC:5D:4C:1F:E2:45:B3:4C:8E:F2

Alternative Names

89 domains

Security Configuration

TLS Protocols

TLS 1.2 TLS 1.3

Forward Secrecy

Supported (Modern clients use PFS)

HTTP Security Headers

Status

Strict-Transport-Security

Missing

Not configured

Content-Security-Policy

Missing

Not configured

X-Frame-Options

Missing

Not configured

X-Content-Type-Options

Missing

Not configured

Referrer-Policy

Missing

Not configured

Permissions-Policy

Missing

Not configured

Recommendations

• Add Strict-Transport-Security header with max-age of at least 1 year
• Add Content-Security-Policy header to prevent XSS attacks
• Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
• Add X-Content-Type-Options: nosniff
• Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
• Consider adding Permissions-Policy to control browser features

CAA Records (Certificate Authority Authorization)

CAA Records

Not Configured (Any CA can issue certificates)

CAA Issues

• No CAA records configured - any CA can issue certificates

Recommendations

• Implement CAA records to restrict which CAs can issue certificates for your domain
• This adds an extra layer of security against unauthorized certificate issuance
• Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
• Consider adding 'iodef' record to receive security incident reports

Subject Alternative Names

89 domains

bosswin4d.click *.bosswin4d.click *.1ca3ba0d-a4fd-42f1-975d-a1c2b5b95e35.bosswin4d.click *.api.bosswin4d.click *.demo.bosswin4d.click

Other domains in certificate

bflix.it *.bflix.it *.toww25.bflix.it *.webmail.bflix.it *.ww25.bflix.it *.ww33.bflix.it

*.api.ppe.com.pl *.dev.ppe.com.pl *.home.ppe.com.pl *.hostmaster.ppe.com.pl *.localhost.ppe.com.pl *.m.ppe.com.pl *.mobile.ppe.com.pl *.mta-sts.ppe.com.pl *.news.ppe.com.pl ppe.com.pl *.ppe.com.pl *.sitemap.ppe.com.pl *.smtp.ppe.com.pl *.sts.ppe.com.pl *.wap.ppe.com.pl *.web.ppe.com.pl *.webmail.ppe.com.pl *.whm.ppe.com.pl *.ww16.ppe.com.pl *.ww25.ppe.com.pl *.www.ppe.com.pl

duongsinhcohaiyhoctrunghoa.com *.duongsinhcohaiyhoctrunghoa.com *.www.duongsinhcohaiyhoctrunghoa.com

electro-salam.com *.electro-salam.com *.www.electro-salam.com

fine-happy.click *.fine-happy.click *.www.fine-happy.click

*.and-spa-photos.janosimeghivo.eu janosimeghivo.eu *.janosimeghivo.eu *.sickfic.janosimeghivo.eu

*.apps.lacourts.org *.cloud.lacourts.org lacourts.org *.lacourts.org *.selfhelp.lacourts.org *.w.lacourts.org *.wew.lacourts.org

mathelp.tech *.mathelp.tech

mathtricks.shop *.mathtricks.shop

mbty250.info *.mbty250.info

mbty354.info *.mbty354.info

merkezcatering.info *.merkezcatering.info

mobilog.lat *.mobilog.lat

*.84197db96cdc.papystreaming2.com *.atendimento.papystreaming2.com *.cpanel.papystreaming2.com *.cpcontacts.papystreaming2.com *.hostmaster.papystreaming2.com *.m.papystreaming2.com *.mail.papystreaming2.com papystreaming2.com *.papystreaming2.com *.random.papystreaming2.com *.remote.papystreaming2.com *.webdisk.papystreaming2.com *.webmail.papystreaming2.com *.wvvw.papystreaming2.com *.ww1.papystreaming2.com *.ww12.papystreaming2.com *.ww25.papystreaming2.com *.www.papystreaming2.com

*.f25fa652-4d0f-4e71-b110-e5b68868342b.topgs.store topgs.store *.topgs.store

twitchdown.net *.twitchdown.net *.ww16.twitchdown.net *.ww38.twitchdown.net