SSL Certificate Analysis for first.than.life - Security Grade & TLS Configuration

Detected Technologies

See all in URL Inspect 1

Let's Encrypt

Certificate Information

Subject

CN=broadlink.it

Issuer

C=US, O=Let's Encrypt, CN=R13

Valid From

February 13, 2026

Valid Until

May 14, 2026 88 days

Public Key

RSA 4096 bit Strong

Signature Algorithm

SHA256-RSA

SHA-256 Fingerprint

5A:C1:7C:D9:5E:0B:22:B1:AF:A7:55:3A:AA:C6:B7:1D:4A:27:9A:06:50:62:3F:9A:E3:72:CD:D9:27:01:E4:0D

Alternative Names

89 domains

Security Configuration

TLS Protocols

TLS 1.2 TLS 1.3

Forward Secrecy

Supported (Modern clients use PFS)

HTTP Security Headers

Status

Strict-Transport-Security

Missing

Not configured

Content-Security-Policy

Missing

Not configured

X-Frame-Options

Missing

Not configured

X-Content-Type-Options

Missing

Not configured

Referrer-Policy

Missing

Not configured

Permissions-Policy

Missing

Not configured

Recommendations

• Add Strict-Transport-Security header with max-age of at least 1 year
• Add Content-Security-Policy header to prevent XSS attacks
• Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
• Add X-Content-Type-Options: nosniff
• Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
• Consider adding Permissions-Policy to control browser features

CAA Records (Certificate Authority Authorization)

CAA Records

Not Configured (Any CA can issue certificates)

CAA Issues

• No CAA records configured - any CA can issue certificates

Recommendations

• Implement CAA records to restrict which CAs can issue certificates for your domain
• This adds an extra layer of security against unauthorized certificate issuance
• Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
• Consider adding 'iodef' record to receive security incident reports

Subject Alternative Names

89 domains

than.life *.than.life *.batter.than.life *.best.than.life *.better.than.life *.boys.than.life *.demidoff-larger.than.life *.first.than.life *.important.than.life *.larger.than.life *.longer.than.life *.madum.than.life *.more.than.life *.usuful.than.life

Other domains in certificate

*.8e283e2a-5233-401a-86a4-1395eba9f833.axio88c.my axio88c.my *.axio88c.my

*.admin.broadlink.it broadlink.it *.broadlink.it

creasin.com *.creasin.com *.test.creasin.com

*.atriumhealth.cxrecognize.com cxrecognize.com *.cxrecognize.com *.tjxcanada.cxrecognize.com *.tjxcanadadisributionservices.cxrecognize.com

dfnepal.com *.dfnepal.com *.webdisk.dfnepal.com

fitnesselevategoals.run *.fitnesselevategoals.run

fwe.au *.fwe.au *.ww25.fwe.au

hypercuberesearch.com *.hypercuberesearch.com *.www.hypercuberesearch.com

ibrahimisolar.com *.ibrahimisolar.com

intellixpay.com *.intellixpay.com *.www.intellixpay.com

*.hostmaster.maroc.so *.le.maroc.so maroc.so *.maroc.so *.www.maroc.so

menser.eu *.menser.eu

n8f5gra.cyou *.n8f5gra.cyou

nationalmotorcyclemuseum.com *.nationalmotorcyclemuseum.com *.ww16.nationalmotorcyclemuseum.com

*.chelsietracy.niamanda.xyz *.colleenloren.niamanda.xyz *.haleighhillary.niamanda.xyz *.jazminroxanne.niamanda.xyz *.kayleighhaylee.niamanda.xyz niamanda.xyz *.niamanda.xyz *.ww25.niamanda.xyz

*.bi.sacro.it sacro.it *.sacro.it

*.8p1t9h.tdghhp.mom *.ags4ib.tdghhp.mom *.awcinv.tdghhp.mom *.gxowk6.tdghhp.mom *.hqr5nb.tdghhp.mom *.iutagd.tdghhp.mom *.jr530e.tdghhp.mom *.jtewzu.tdghhp.mom *.oiyzhn.tdghhp.mom *.rf5ehy.tdghhp.mom *.sdlcdh.tdghhp.mom tdghhp.mom *.tdghhp.mom

*.desktop.thuongmaidientu.com *.my.thuongmaidientu.com *.portal.thuongmaidientu.com *.rmy.thuongmaidientu.com thuongmaidientu.com *.thuongmaidientu.com *.vpn2.thuongmaidientu.com *.vpnssl.thuongmaidientu.com *.www.thuongmaidientu.com