SSL Certificate Analysis for generativenames.com - Security Grade & TLS Configuration

Open Cached · just now

76/100 SECURITY SCORE

Detected Technologies

See all in URL Inspect 1

Let's Encrypt Active incidents

Certificate Information

Subject

CN=basenjipuppyforsale.com

Issuer

C=US, O=Let's Encrypt, CN=YR2

Valid From

June 04, 2026

Valid Until

September 02, 2026 71 days

Public Key

RSA 4096 bit Strong

Signature Algorithm

SHA256-RSA

SHA-256 Fingerprint

37:E1:33:20:4B:54:A5:E6:A3:DB:F7:87:9A:45:A8:6E:13:23:0F:25:A1:7C:D4:9E:67:D0:C6:41:BC:21:4D:C2

Alternative Names

90 domains

Security Configuration

TLS Protocols

TLS 1.2 TLS 1.3

Forward Secrecy

Supported (Modern clients use PFS)

HTTP Security Headers

Status

Strict-Transport-Security

Missing

Not configured

Content-Security-Policy

Missing

Not configured Analyze

Content-Security-Policy-Report-Only

Missing

Not configured Analyze

X-Frame-Options

Missing

Not configured

X-Content-Type-Options

Missing

Not configured

Referrer-Policy

Missing

Not configured

Permissions-Policy

Missing

Not configured

Recommendations

• Add Strict-Transport-Security header with max-age of at least 1 year
• Add Content-Security-Policy header to prevent XSS attacks
• Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
• Add X-Content-Type-Options: nosniff
• Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
• Consider adding Permissions-Policy to control browser features

CAA Records (Certificate Authority Authorization)

CAA Records

Not Configured (Any CA can issue certificates)

CAA Issues

• No CAA records configured - any CA can issue certificates

Recommendations

• Implement CAA records to restrict which CAs can issue certificates for your domain
• This adds an extra layer of security against unauthorized certificate issuance
• Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
• Consider adding 'iodef' record to receive security incident reports

Subject Alternative Names

90 domains

generativenames.com *.generativenames.com *.cliente.generativenames.com *.esus.generativenames.com *.evo.generativenames.com *.exsytwwww.generativenames.com *.wwww.generativenames.com

Other domains in certificate

afterlux.com *.afterlux.com *.cloud.afterlux.com *.m.afterlux.com *.mail.afterlux.com *.member.afterlux.com *.rdweb.afterlux.com *.www.afterlux.com *.wwww.afterlux.com *.xpepwm.afterlux.com

basenjipuppyforsale.com *.basenjipuppyforsale.com *.ww25.basenjipuppyforsale.com

*.app.illustre.org *.backup.illustre.org *.dev.illustre.org illustre.org *.illustre.org *.m.illustre.org *.mail.illustre.org *.mailer.illustre.org *.marketing.illustre.org *.members.illustre.org *.secure.illustre.org *.stg.illustre.org *.test.illustre.org *.uat.illustre.org *.v1.illustre.org *.v2.illustre.org *.web.illustre.org

*.998a77f2-50e2-4a8e-be5a-3720ae8a2624.muldersvlei.com *.9d031b65-08f7-4b78-af48-a3c31142d44f.muldersvlei.com *.admin.muldersvlei.com *.agnidapi.muldersvlei.com *.assets.muldersvlei.com *.autoconfig.muldersvlei.com *.backup.muldersvlei.com *.cloud.muldersvlei.com *.control.muldersvlei.com *.eubasjvm.muldersvlei.com *.ftp.muldersvlei.com *.imap.muldersvlei.com *.m.muldersvlei.com *.mailer.muldersvlei.com *.marketing.muldersvlei.com *.members.muldersvlei.com muldersvlei.com *.muldersvlei.com *.pqblpm.muldersvlei.com *.rd.muldersvlei.com *.rdweb.muldersvlei.com *.relay.muldersvlei.com *.remote.muldersvlei.com *.sitemap.muldersvlei.com *.sitemaps.muldersvlei.com *.smtp.muldersvlei.com *.staging.muldersvlei.com *.stg.muldersvlei.com *.uat.muldersvlei.com *.v1.muldersvlei.com *.v2.muldersvlei.com *.web.muldersvlei.com *.www.muldersvlei.com