SSL Certificate Analysis for error-lofi.com - Security Grade & TLS Configuration

Open Cached · just now

76/100 SECURITY SCORE

Detected Technologies

See all in URL Inspect 1

Let's Encrypt

Certificate Information

Subject

CN=pio.com.au

Issuer

C=US, O=Let's Encrypt, CN=R13

Valid From

April 14, 2026

Valid Until

July 13, 2026 34 days

Public Key

RSA 4096 bit Strong

Signature Algorithm

SHA256-RSA

SHA-256 Fingerprint

DA:E4:D7:BE:5A:F0:9A:B9:52:31:AE:31:EA:5E:8B:CA:B0:AF:46:B0:05:DB:5D:95:C4:97:E4:5E:E4:91:66:A6

Alternative Names

90 domains

Security Configuration

TLS Protocols

TLS 1.2 TLS 1.3

Forward Secrecy

Supported (Modern clients use PFS)

HTTP Security Headers

Status

Strict-Transport-Security

Missing

Not configured

Content-Security-Policy

Missing

Not configured Analyze

Content-Security-Policy-Report-Only

Missing

Not configured Analyze

X-Frame-Options

Missing

Not configured

X-Content-Type-Options

Missing

Not configured

Referrer-Policy

Missing

Not configured

Permissions-Policy

Missing

Not configured

Recommendations

• Add Strict-Transport-Security header with max-age of at least 1 year
• Add Content-Security-Policy header to prevent XSS attacks
• Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
• Add X-Content-Type-Options: nosniff
• Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
• Consider adding Permissions-Policy to control browser features

CAA Records (Certificate Authority Authorization)

CAA Records

Not Configured (Any CA can issue certificates)

CAA Issues

• No CAA records configured - any CA can issue certificates

Recommendations

• Implement CAA records to restrict which CAs can issue certificates for your domain
• This adds an extra layer of security against unauthorized certificate issuance
• Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
• Consider adding 'iodef' record to receive security incident reports

Subject Alternative Names

90 domains

error-lofi.com *.error-lofi.com *.help.error-lofi.com *.ww38.error-lofi.com

Other domains in certificate

3kings.com *.3kings.com *.eventbrite.3kings.com

biofuelbox.com *.biofuelbox.com *.ww25.biofuelbox.com

findtheinvisablecow.com *.findtheinvisablecow.com *.superset.findtheinvisablecow.com *.ww16.findtheinvisablecow.com

fmexpression.com *.fmexpression.com *.random.fmexpression.com *.ww25.fmexpression.com

hostinger.org *.hostinger.org *.hpanel.hostinger.org *.mail.hostinger.org *.payments.hostinger.org

*.apple.learning.au *.curtin.learning.au learning.au *.learning.au *.mitre10.learning.au *.random.learning.au

megasmi.net *.megasmi.net *.random.megasmi.net *.www.megasmi.net

*.blog.michiganmotel.com michiganmotel.com *.michiganmotel.com

*.davidz.ornstein.com *.dr.ornstein.com *.m.ornstein.com ornstein.com *.ornstein.com

*.email.pio.com.au *.hostmaster.pio.com.au *.mail.pio.com.au pio.com.au *.pio.com.au *.ww38.pio.com.au

prkce.chat *.prkce.chat *.sbsww17.prkce.chat

*.analytic.qaf.com.au *.beta.qaf.com.au qaf.com.au *.qaf.com.au *.ww17.qaf.com.au *.ww25.qaf.com.au *.ww38.qaf.com.au

*.labutiko.riki.au riki.au *.riki.au

roboscreener.com *.roboscreener.com *.ww25.roboscreener.com

*.energyartist.smakul.com smakul.com *.smakul.com *.ww38.smakul.com

thumskitchenthaicuisine.com *.thumskitchenthaicuisine.com *.thumsthaikitchen.thumskitchenthaicuisine.com *.ww25.thumskitchenthaicuisine.com

*.news.unitedairlinesflights.com *.random.unitedairlinesflights.com unitedairlinesflights.com *.unitedairlinesflights.com

*.login.yourqualifytrack.co yourqualifytrack.co *.yourqualifytrack.co

*.admin.youthprojects.it *.api.youthprojects.it *.bi.youthprojects.it *.dashboard.youthprojects.it *.data.youthprojects.it *.hostmaster.youthprojects.it *.reports.youthprojects.it *.staging.youthprojects.it *.superset.youthprojects.it *.visual.youthprojects.it youthprojects.it *.youthprojects.it