SSL Certificate Analysis for etp.de - Security Grade & TLS Configuration

Open Cached · just now

76/100 SECURITY SCORE

Detected Technologies

See all in URL Inspect 1

Let's Encrypt

Certificate Information

Subject

CN=masterbank.net.in

Issuer

C=US, O=Let's Encrypt, CN=R13

Valid From

January 13, 2026

Valid Until

April 13, 2026 50 days

Public Key

RSA 4096 bit Strong

Signature Algorithm

SHA256-RSA

SHA-256 Fingerprint

D3:D3:62:4E:7B:71:8A:AE:73:30:FD:E5:E0:E5:2A:8D:72:43:B0:F6:EC:F6:3B:93:E7:8B:14:FD:EA:73:FD:33

Alternative Names

90 domains

Security Configuration

TLS Protocols

TLS 1.2 TLS 1.3

Forward Secrecy

Supported (Modern clients use PFS)

HTTP Security Headers

Status

Strict-Transport-Security

Missing

Not configured

Content-Security-Policy

Missing

Not configured Analyze

Content-Security-Policy-Report-Only

Missing

Not configured Analyze

X-Frame-Options

Missing

Not configured

X-Content-Type-Options

Missing

Not configured

Referrer-Policy

Missing

Not configured

Permissions-Policy

Missing

Not configured

Recommendations

• Add Strict-Transport-Security header with max-age of at least 1 year
• Add Content-Security-Policy header to prevent XSS attacks
• Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
• Add X-Content-Type-Options: nosniff
• Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
• Consider adding Permissions-Policy to control browser features

CAA Records (Certificate Authority Authorization)

CAA Records

Not Configured (Any CA can issue certificates)

CAA Issues

• No CAA records configured - any CA can issue certificates

Recommendations

• Implement CAA records to restrict which CAs can issue certificates for your domain
• This adds an extra layer of security against unauthorized certificate issuance
• Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
• Consider adding 'iodef' record to receive security incident reports

Subject Alternative Names

90 domains

etp.de *.etp.de *.karriere.etp.de

Other domains in certificate

*.aleraedge.alergroup.com alergroup.com *.alergroup.com *.ww38.alergroup.com

boglins.com *.boglins.com

campfire-zimbabwe.org *.campfire-zimbabwe.org

chaturbat.co *.chaturbat.co *.ww38.chaturbat.co

*.0fh.cherryblog.site *.0q8.cherryblog.site *.0s5r7.cherryblog.site *.0w2.cherryblog.site *.114d5n.cherryblog.site *.14vujb.cherryblog.site *.21ep.cherryblog.site *.2bhg0.cherryblog.site *.2io4.cherryblog.site *.2rxpsw.cherryblog.site *.32g.cherryblog.site *.3xap1.cherryblog.site *.44fvo.cherryblog.site *.4hc1t.cherryblog.site *.4hgkf8.cherryblog.site *.4hzi.cherryblog.site *.54n.cherryblog.site *.69b.cherryblog.site *.6l4.cherryblog.site *.75j7eh.cherryblog.site *.9617g.cherryblog.site *.a38u.cherryblog.site *.bews2.cherryblog.site *.bfjypp.cherryblog.site cherryblog.site *.cherryblog.site *.dgu.cherryblog.site *.eceky1.cherryblog.site *.fbilgi.cherryblog.site *.fj8q2w.cherryblog.site *.g59.cherryblog.site *.gjack.cherryblog.site *.imj.cherryblog.site *.j4y.cherryblog.site *.j9c.cherryblog.site *.kkhjx.cherryblog.site *.kky.cherryblog.site *.krqt7.cherryblog.site *.l9h0a4.cherryblog.site *.lty.cherryblog.site *.managment.cherryblog.site *.myo1zn.cherryblog.site *.ncsrv.cherryblog.site *.noeev.cherryblog.site *.nox81.cherryblog.site *.npr0f.cherryblog.site *.nu2l.cherryblog.site *.o5qvt.cherryblog.site *.qe8.cherryblog.site *.qxu2.cherryblog.site *.qzz.cherryblog.site *.rlpuvt.cherryblog.site *.ssh9g2.cherryblog.site *.std4g.cherryblog.site *.vdm.cherryblog.site *.vnhi.cherryblog.site *.vx5c5.cherryblog.site *.xgz.cherryblog.site *.xnj8v3.cherryblog.site *.zmwiu.cherryblog.site

masterbank.net.in *.masterbank.net.in *.sebgfvhhtt.masterbank.net.in

plentyviews.com.au *.plentyviews.com.au *.ww25.plentyviews.com.au

*.hostmaster.rockautoo.com rockautoo.com *.rockautoo.com *.ww38.rockautoo.com

*.mailserver.studentairfare.com.au studentairfare.com.au *.studentairfare.com.au

toonkor343.com *.toonkor343.com *.www.toonkor343.com