SSL Certificate Analysis for himmler.com - Security Grade & TLS Configuration

Open Cached · just now

76/100 SECURITY SCORE

Certificate Information

Subject

CN=usb-prubor.com

Issuer

C=US, O=Let's Encrypt, CN=R13

Valid From

February 11, 2026

Valid Until

May 12, 2026 89 days

Public Key

RSA 4096 bit Strong

Signature Algorithm

SHA256-RSA

SHA-256 Fingerprint

6D:C8:E1:62:08:DD:50:31:BE:07:CA:65:1F:35:BA:DF:FE:C2:1B:B0:EC:EC:A8:D6:1E:89:C2:30:B2:44:D9:67

Alternative Names

90 domains

Security Configuration

TLS Protocols

TLS 1.2 TLS 1.3

Forward Secrecy

Supported (Modern clients use PFS)

HTTP Security Headers

Status

Strict-Transport-Security

Missing

Not configured

Content-Security-Policy

Missing

Not configured

X-Frame-Options

Missing

Not configured

X-Content-Type-Options

Missing

Not configured

Referrer-Policy

Missing

Not configured

Permissions-Policy

Missing

Not configured

Recommendations

• Add Strict-Transport-Security header with max-age of at least 1 year
• Add Content-Security-Policy header to prevent XSS attacks
• Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
• Add X-Content-Type-Options: nosniff
• Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
• Consider adding Permissions-Policy to control browser features

CAA Records (Certificate Authority Authorization)

CAA Records

Not Configured (Any CA can issue certificates)

CAA Issues

• No CAA records configured - any CA can issue certificates

Recommendations

• Implement CAA records to restrict which CAs can issue certificates for your domain
• This adds an extra layer of security against unauthorized certificate issuance
• Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
• Consider adding 'iodef' record to receive security incident reports

Subject Alternative Names

90 domains

himmler.com *.himmler.com *.api.himmler.com *.autodiscover.himmler.com *.cisco.himmler.com *.cpanel.himmler.com *.drvpn.himmler.com *.ebay.himmler.com *.firewall.himmler.com *.gate.himmler.com *.mail.himmler.com *.owa.himmler.com *.portal.himmler.com *.ra.himmler.com *.ravpn.himmler.com *.relay.himmler.com *.remote.himmler.com *.sitemaps.himmler.com *.ssl.himmler.com *.sslvpn.himmler.com *.test.himmler.com *.vpn.himmler.com *.webdisk.himmler.com *.ww1.himmler.com

Other domains in certificate

appoy1.xyz *.appoy1.xyz *.id9.appoy1.xyz *.kwid9.appoy1.xyz *.v3ywp.appoy1.xyz *.yhue2.appoy1.xyz

c23.pro *.c23.pro

*.api-stage.crow.finance crow.finance *.crow.finance *.dev.crow.finance *.documentation.crow.finance *.forum.crow.finance *.frontend.crow.finance *.graphql-playground.crow.finance *.landing.crow.finance *.m.crow.finance *.monitoring.crow.finance *.mssql.crow.finance *.mx.crow.finance *.nodejs.crow.finance *.pg.crow.finance *.sitemap.crow.finance *.themes.crow.finance

extramember.biz *.extramember.biz *.gwthai.extramember.biz *.orjdev.extramember.biz

fxcent.online *.fxcent.online

goldenprimerpublishing.org *.goldenprimerpublishing.org *.hostmaster.goldenprimerpublishing.org *.new.goldenprimerpublishing.org *.www.goldenprimerpublishing.org

gossiptalkcentral.xyz *.gossiptalkcentral.xyz *.ndifg.gossiptalkcentral.xyz *.svzzq.gossiptalkcentral.xyz

*.cpcalendars.mejortorrent.vip mejortorrent.vip *.mejortorrent.vip *.vvv.mejortorrent.vip

*.portal.primephysiocare.com primephysiocare.com *.primephysiocare.com *.shop.primephysiocare.com

*.7c5uu1xc5.tartak-rusinek.pl *.bgcpznxc5.tartak-rusinek.pl *.ch4a23xc5.tartak-rusinek.pl *.jprkuxc5.tartak-rusinek.pl *.mhfqg6xc5.tartak-rusinek.pl *.rydfbxc5.tartak-rusinek.pl tartak-rusinek.pl *.tartak-rusinek.pl *.xmwzu3xc5.tartak-rusinek.pl *.z7gglxc5.tartak-rusinek.pl

*.60fbfe22d9a9e.thesync.it *.610bea4f35ba5.thesync.it *.dash.thesync.it *.qunznhth.thesync.it thesync.it *.thesync.it

usb-prubor.com *.usb-prubor.com