SSL Certificate Analysis for forevervodka.com - Security Grade & TLS Configuration

Open Cached · just now

76/100 SECURITY SCORE

Detected Technologies

See all in URL Inspect 1

Let's Encrypt

Certificate Information

Subject

CN=servicenowservice.com

Issuer

C=US, O=Let's Encrypt, CN=R13

Valid From

May 25, 2026

Valid Until

August 23, 2026 73 days

Public Key

RSA 4096 bit Strong

Signature Algorithm

SHA256-RSA

SHA-256 Fingerprint

9B:D7:A0:E9:60:F9:55:F0:56:FD:E9:05:62:27:42:E6:07:FE:A2:96:E0:5E:90:3F:AC:0E:18:18:65:6C:08:F5

Alternative Names

90 domains

Security Configuration

TLS Protocols

TLS 1.2 TLS 1.3

Forward Secrecy

Supported (Modern clients use PFS)

HTTP Security Headers

Status

Strict-Transport-Security

Missing

Not configured

Content-Security-Policy

Missing

Not configured Analyze

Content-Security-Policy-Report-Only

Missing

Not configured Analyze

X-Frame-Options

Missing

Not configured

X-Content-Type-Options

Missing

Not configured

Referrer-Policy

Missing

Not configured

Permissions-Policy

Missing

Not configured

Recommendations

• Add Strict-Transport-Security header with max-age of at least 1 year
• Add Content-Security-Policy header to prevent XSS attacks
• Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
• Add X-Content-Type-Options: nosniff
• Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
• Consider adding Permissions-Policy to control browser features

CAA Records (Certificate Authority Authorization)

CAA Records

Not Configured (Any CA can issue certificates)

CAA Issues

• No CAA records configured - any CA can issue certificates

Recommendations

• Implement CAA records to restrict which CAs can issue certificates for your domain
• This adds an extra layer of security against unauthorized certificate issuance
• Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
• Consider adding 'iodef' record to receive security incident reports

Subject Alternative Names

90 domains

forevervodka.com *.forevervodka.com *.api.forevervodka.com *.dash.forevervodka.com *.www.forevervodka.com

Other domains in certificate

*.1e0.a303fhxy.top a303fhxy.top *.a303fhxy.top

e5461298.vip *.e5461298.vip

*.access.eshdo.com *.admin.eshdo.com *.api.eshdo.com *.apps.eshdo.com eshdo.com *.eshdo.com *.eshfsdl.eshdo.com *.mail.eshdo.com *.rdp.eshdo.com *.rds.eshdo.com *.rdweb.eshdo.com *.remote.eshdo.com *.ts.eshdo.com *.www.eshdo.com

galaxy911.bet *.galaxy911.bet *.ifnybjhq.galaxy911.bet *.kbdnrwva.galaxy911.bet *.qcfo9b.galaxy911.bet

*.admin.gay2022.bet *.appie.gay2022.bet *.demo.gay2022.bet gay2022.bet *.gay2022.bet *.ww1.gay2022.bet *.www.gay2022.bet

*.blog.high.software high.software *.high.software *.office.high.software *.painel.high.software

*.clarivate.jcr.com jcr.com *.jcr.com *.jp.jcr.com *.mainserver-pc.jcr.com

k20ili.com *.k20ili.com

*.hostmaster.punani.in punani.in *.punani.in *.test.punani.in *.www.punani.in

*.caddsprod.servicenowservice.com *.dhcsservicecenterprod.servicenowservice.com *.dukeenergy.servicenowservice.com *.fortinettest.servicenowservice.com *.grants.servicenowservice.com *.mygrants.servicenowservice.com *.ncccs.servicenowservice.com *.ncdssh.servicenowservice.com *.ngahelp.servicenowservice.com *.pord.servicenowservice.com *.psvirtusream.servicenowservice.com *.service.servicenowservice.com servicenowservice.com *.servicenowservice.com *.ww38.servicenowservice.com

*.production.taki.club taki.club *.taki.club *.ww38.taki.club

tokyosushichatham.com *.tokyosushichatham.com

*.jg2.tryimg.xyz tryimg.xyz *.tryimg.xyz *.ww16.tryimg.xyz *.ww38.tryimg.xyz

*.ayfpk.wawegaze-sonic.xyz *.cg4o5.wawegaze-sonic.xyz *.gjdvb.wawegaze-sonic.xyz *.kwid9.wawegaze-sonic.xyz wawegaze-sonic.xyz *.wawegaze-sonic.xyz *.wsct4.wawegaze-sonic.xyz *.z4gbs.wawegaze-sonic.xyz

*.hotfix.xinaicy.cc xinaicy.cc *.xinaicy.cc