SSL Certificate Analysis for external.350rr.app - Security Grade & TLS Configuration

Open Cached · just now

76/100 SECURITY SCORE

Detected Technologies

See all in URL Inspect 1

Let's Encrypt Active incidents

Certificate Information

Subject

CN=mv1.life

Issuer

C=US, O=Let's Encrypt, CN=YR2

Valid From

May 30, 2026

Valid Until

August 28, 2026 64 days

Public Key

RSA 4096 bit Strong

Signature Algorithm

SHA256-RSA

SHA-256 Fingerprint

5D:F8:62:55:33:25:36:DB:FA:3A:EE:04:1A:6F:B6:65:59:F7:A0:64:5C:BF:9F:1F:11:98:1A:55:E8:A9:E9:0A

Alternative Names

90 domains

Security Configuration

TLS Protocols

TLS 1.2 TLS 1.3

Forward Secrecy

Supported (Modern clients use PFS)

HTTP Security Headers

Status

Strict-Transport-Security

Missing

Not configured

Content-Security-Policy

Missing

Not configured Analyze

Content-Security-Policy-Report-Only

Missing

Not configured Analyze

X-Frame-Options

Missing

Not configured

X-Content-Type-Options

Missing

Not configured

Referrer-Policy

Missing

Not configured

Permissions-Policy

Missing

Not configured

Recommendations

• Add Strict-Transport-Security header with max-age of at least 1 year
• Add Content-Security-Policy header to prevent XSS attacks
• Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
• Add X-Content-Type-Options: nosniff
• Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
• Consider adding Permissions-Policy to control browser features

CAA Records (Certificate Authority Authorization)

CAA Records

Not Configured (Any CA can issue certificates)

CAA Issues

• No CAA records configured - any CA can issue certificates

Recommendations

• Implement CAA records to restrict which CAs can issue certificates for your domain
• This adds an extra layer of security against unauthorized certificate issuance
• Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
• Consider adding 'iodef' record to receive security incident reports

Subject Alternative Names

90 domains

350rr.app *.350rr.app *.479665d9-cec1-421c-b477-bce249e78489.350rr.app *.92b592e7-67ce-46c5-9053-32931689ffa1.350rr.app *.account.350rr.app *.adm.350rr.app *.admin.350rr.app *.api.350rr.app *.app.350rr.app *.assets.350rr.app *.autoconfig.350rr.app *.autodiscover.350rr.app *.backend.350rr.app *.beta.350rr.app *.blog.350rr.app *.ce045396-08c9-4552-994e-f1db5e82fca6.350rr.app *.chat.350rr.app *.cms.350rr.app *.crm.350rr.app *.dashboard.350rr.app *.demo.350rr.app *.dev.350rr.app *.en.350rr.app *.external.350rr.app *.hr.350rr.app *.my.350rr.app *.nw0nr6.350rr.app *.public.350rr.app *.qa.350rr.app *.test.350rr.app *.www.350rr.app

Other domains in certificate

78win1t.vip *.78win1t.vip *.api.78win1t.vip *.assets.78win1t.vip *.backend.78win1t.vip *.demo.78win1t.vip *.dev.78win1t.vip *.external.78win1t.vip *.hr.78win1t.vip *.intranet.78win1t.vip *.m.78win1t.vip *.my.78win1t.vip *.ohio.78win1t.vip *.sharepoint.78win1t.vip *.staging.78win1t.vip *.test.78win1t.vip *.uwh8qf.78win1t.vip *.wig.78win1t.vip

9inferences.com *.9inferences.com *.admin.9inferences.com *.test.9inferences.com

a2ahrm.com *.a2ahrm.com *.assets.a2ahrm.com *.backup.a2ahrm.com *.dashboard.a2ahrm.com *.demo.a2ahrm.com *.docs.a2ahrm.com *.external.a2ahrm.com *.intranet.a2ahrm.com *.mail.a2ahrm.com *.mailer.a2ahrm.com *.marketing.a2ahrm.com *.my.a2ahrm.com *.new.a2ahrm.com *.public.a2ahrm.com *.qa.a2ahrm.com *.remote.a2ahrm.com *.rustore.a2ahrm.com *.secure.a2ahrm.com *.sharepoint.a2ahrm.com *.staging.a2ahrm.com *.test.a2ahrm.com *.v1.a2ahrm.com *.v2.a2ahrm.com *.vqoczbackup.a2ahrm.com *.vsjmwpfx.a2ahrm.com *.web.a2ahrm.com *.ztqfcdemo.a2ahrm.com

aimultiplanetary.com *.aimultiplanetary.com *.test.aimultiplanetary.com

mv1.life *.mv1.life *.ww38.mv1.life

*.mail.tanksio.online tanksio.online *.tanksio.online