SSL Certificate Analysis for dev.paypir.com - Security Grade & TLS Configuration

Open Cached · just now

76/100 SECURITY SCORE

Detected Technologies

See all in URL Inspect 1

Let's Encrypt Active incidents

Certificate Information

Subject

CN=govareviewslift.co

Issuer

C=US, O=Let's Encrypt, CN=YR2

Valid From

June 22, 2026

Valid Until

September 20, 2026 85 days

Public Key

RSA 4096 bit Strong

Signature Algorithm

SHA256-RSA

SHA-256 Fingerprint

C3:2E:08:F8:58:3A:CD:23:E7:72:8F:12:FA:C0:A4:48:99:90:46:D8:76:7B:17:E0:05:AC:D2:14:07:D2:B4:58

Alternative Names

90 domains

Security Configuration

TLS Protocols

TLS 1.2 TLS 1.3

Forward Secrecy

Supported (Modern clients use PFS)

HTTP Security Headers

Status

Strict-Transport-Security

Missing

Not configured

Content-Security-Policy

Missing

Not configured Analyze

Content-Security-Policy-Report-Only

Missing

Not configured Analyze

X-Frame-Options

Missing

Not configured

X-Content-Type-Options

Missing

Not configured

Referrer-Policy

Missing

Not configured

Permissions-Policy

Missing

Not configured

Recommendations

• Add Strict-Transport-Security header with max-age of at least 1 year
• Add Content-Security-Policy header to prevent XSS attacks
• Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
• Add X-Content-Type-Options: nosniff
• Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
• Consider adding Permissions-Policy to control browser features

CAA Records (Certificate Authority Authorization)

CAA Records

Not Configured (Any CA can issue certificates)

CAA Issues

• No CAA records configured - any CA can issue certificates

Recommendations

• Implement CAA records to restrict which CAs can issue certificates for your domain
• This adds an extra layer of security against unauthorized certificate issuance
• Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
• Consider adding 'iodef' record to receive security incident reports

Subject Alternative Names

90 domains

paypir.com *.paypir.com

Other domains in certificate

1x38.com *.1x38.com

568228.cc *.568228.cc

accdefg.xyz *.accdefg.xyz

acfcqbozbjgv.cc *.acfcqbozbjgv.cc

agiseer.com *.agiseer.com

cuahangxemaylongan.com *.cuahangxemaylongan.com *.ww38.cuahangxemaylongan.com

diuwqupyru.cc *.diuwqupyru.cc

dvnvvkxvzulmcyk.cc *.dvnvvkxvzulmcyk.cc

ewrbn67.xyz *.ewrbn67.xyz

flowlsfocus.com *.flowlsfocus.com

flowqueue.com *.flowqueue.com

gettrollemediateam.com *.gettrollemediateam.com

*.19ee4dc3-2414-4089-a368-137acc56d7b0.govareviewslift.co *.dyrwxapp.govareviewslift.co govareviewslift.co *.govareviewslift.co

heiliao1080.pro *.heiliao1080.pro

*.autodiscover.hmis.in *.gueydprun.hmis.in hmis.in *.hmis.in *.honda.hmis.in *.hostmaster.hmis.in *.mail.hmis.in *.prun.hmis.in *.sms.hmis.in *.webmail.hmis.in *.zivaan.hmis.in

hnmsctkissl2.cc *.hnmsctkissl2.cc

hwafk.vip *.hwafk.vip

jkman.cc *.jkman.cc

jobcrest.com *.jobcrest.com

joindesignxpress.com *.joindesignxpress.com

js0112.com *.js0112.com

js23.vip *.js23.vip

kaabamosque.com *.kaabamosque.com

lciyhvfnfsd.cc *.lciyhvfnfsd.cc

legwgxynx4ayqq.cc *.legwgxynx4ayqq.cc

londontradegroup.com *.londontradegroup.com

mmk68.com *.mmk68.com

mulphilog.xyz *.mulphilog.xyz

noqrrst.xyz *.noqrrst.xyz

ojbhwl4eveb.cc *.ojbhwl4eveb.cc

pandachat.me *.pandachat.me

patricia290.sbs *.patricia290.sbs

rc-rose01.bet *.rc-rose01.bet

run24th.life *.run24th.life

sc6lqfh7xzjfhr.cc *.sc6lqfh7xzjfhr.cc

sf50068.cc *.sf50068.cc

sugarrush100.xyz *.sugarrush100.xyz

suitaichem.cc *.suitaichem.cc