SSL Certificate Analysis for dns.findnickname.com - Security Grade & TLS Configuration

Open Cached · just now

76/100 SECURITY SCORE

Detected Technologies

See all in URL Inspect 1

Let's Encrypt

Certificate Information

Subject

CN=23028.co

Issuer

C=US, O=Let's Encrypt, CN=R12

Valid From

April 20, 2026

Valid Until

July 19, 2026 60 days

Public Key

RSA 4096 bit Strong

Signature Algorithm

SHA256-RSA

SHA-256 Fingerprint

C2:DB:9F:A5:FC:4F:94:0C:08:10:30:A6:F3:7B:F8:76:83:2D:F3:21:08:EC:53:CA:0B:EC:BF:8E:75:88:D8:12

Alternative Names

91 domains

Security Configuration

TLS Protocols

TLS 1.2 TLS 1.3

Forward Secrecy

Supported (Modern clients use PFS)

HTTP Security Headers

Status

Strict-Transport-Security

Missing

Not configured

Content-Security-Policy

Missing

Not configured Analyze

Content-Security-Policy-Report-Only

Missing

Not configured Analyze

X-Frame-Options

Missing

Not configured

X-Content-Type-Options

Missing

Not configured

Referrer-Policy

Missing

Not configured

Permissions-Policy

Missing

Not configured

Recommendations

• Add Strict-Transport-Security header with max-age of at least 1 year
• Add Content-Security-Policy header to prevent XSS attacks
• Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
• Add X-Content-Type-Options: nosniff
• Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
• Consider adding Permissions-Policy to control browser features

CAA Records (Certificate Authority Authorization)

CAA Records

Not Configured (Any CA can issue certificates)

CAA Issues

• No CAA records configured - any CA can issue certificates

Recommendations

• Implement CAA records to restrict which CAs can issue certificates for your domain
• This adds an extra layer of security against unauthorized certificate issuance
• Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
• Consider adding 'iodef' record to receive security incident reports

Subject Alternative Names

91 domains

findnickname.com *.findnickname.com

Other domains in certificate

01599.loan *.01599.loan

13026.one *.13026.one

23028.co *.23028.co

27134399.vip *.27134399.vip

27333472.vip *.27333472.vip

27644526.vip *.27644526.vip

28493.blog *.28493.blog

28521.blog *.28521.blog

614867.cc *.614867.cc

820469.loan *.820469.loan

acheibaby.com *.acheibaby.com

bauble.org *.bauble.org

bplugins.net *.bplugins.net

businessstrategybots.com *.businessstrategybots.com

cccp-online.org *.cccp-online.org

cornerstoneinteriorsks.com *.cornerstoneinteriorsks.com

costaricanresource.com *.costaricanresource.com

coxlooks.com *.coxlooks.com

crypto-quantum.com *.crypto-quantum.com

dating-experts.org *.dating-experts.org

delhicityonline.com *.delhicityonline.com

delhiweekly.com *.delhiweekly.com *.ns1.delhiweekly.com

designtrak.com *.designtrak.com

disneyworld.bot *.disneyworld.bot

domainmarket.org *.domainmarket.org

donut.it.com *.donut.it.com

elpasoindustrial.com *.elpasoindustrial.com

enonlinecasinos.com *.enonlinecasinos.com

fduup.plus *.fduup.plus

fetish-elements.com *.fetish-elements.com

finewinetrail.com *.finewinetrail.com

goldenjobch.com *.goldenjobch.com

goodnessw.com *.goodnessw.com

hciqi3.cyou *.hciqi3.cyou

it-college.com *.it-college.com

jackpotvideoslots.com *.jackpotvideoslots.com

kj33vp.com *.kj33vp.com

webruke.com *.webruke.com

wskf.info *.wskf.info

wt-loyarentals.com *.wt-loyarentals.com

xn--oor808cwjg.com *.xn--oor808cwjg.com

xx66626.cc *.xx66626.cc

xx88828.cc *.xx88828.cc

yhfhs.reviews *.yhfhs.reviews