SSL Certificate Analysis for hostmaster.longevity.best - Security Grade & TLS Configuration

Open Cached · just now

76/100 SECURITY SCORE

Detected Technologies

See all in URL Inspect 1

Let's Encrypt Active incidents

Certificate Information

Subject

CN=drinkinglaws.com

Issuer

C=US, O=Let's Encrypt, CN=YR2

Valid From

June 12, 2026

Valid Until

September 10, 2026 76 days

Public Key

RSA 4096 bit Strong

Signature Algorithm

SHA256-RSA

SHA-256 Fingerprint

EF:67:86:50:2E:D0:D0:83:BA:74:81:EC:BE:95:12:98:7C:7D:20:C3:4D:A9:B4:75:64:2A:10:09:22:3C:56:3E

Alternative Names

90 domains

Security Configuration

TLS Protocols

TLS 1.2 TLS 1.3

Forward Secrecy

Supported (Modern clients use PFS)

HTTP Security Headers

Status

Strict-Transport-Security

Missing

Not configured

Content-Security-Policy

Missing

Not configured Analyze

Content-Security-Policy-Report-Only

Missing

Not configured Analyze

X-Frame-Options

Missing

Not configured

X-Content-Type-Options

Missing

Not configured

Referrer-Policy

Missing

Not configured

Permissions-Policy

Missing

Not configured

Recommendations

• Add Strict-Transport-Security header with max-age of at least 1 year
• Add Content-Security-Policy header to prevent XSS attacks
• Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
• Add X-Content-Type-Options: nosniff
• Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
• Consider adding Permissions-Policy to control browser features

CAA Records (Certificate Authority Authorization)

CAA Records

Not Configured (Any CA can issue certificates)

CAA Issues

• No CAA records configured - any CA can issue certificates

Recommendations

• Implement CAA records to restrict which CAs can issue certificates for your domain
• This adds an extra layer of security against unauthorized certificate issuance
• Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
• Consider adding 'iodef' record to receive security incident reports

Subject Alternative Names

90 domains

longevity.best *.longevity.best *.app.longevity.best *.assets.longevity.best *.blog.longevity.best *.hostmaster.longevity.best *.shop.longevity.best *.www70.longevity.best

Other domains in certificate

beem.in *.beem.in *.e.beem.in *.heard.beem.in *.lol.beem.in *.not.beem.in *.wildcard.beem.in

*.6b39b1d2-ac68-470f-bffd-ae1bd5efa682.cashloanflow.com *.api.cashloanflow.com *.backup.cashloanflow.com cashloanflow.com *.cashloanflow.com *.fachhandel.cashloanflow.com *.hostmaster.cashloanflow.com *.staging.cashloanflow.com *.uat.cashloanflow.com *.v2.cashloanflow.com

*.blog.drinkinglaws.com *.cdn.drinkinglaws.com drinkinglaws.com *.drinkinglaws.com *.mailhost.drinkinglaws.com *.mm.drinkinglaws.com *.nsk.drinkinglaws.com *.rss.drinkinglaws.com *.volga.drinkinglaws.com

*.api.ecoxoom.com ecoxoom.com *.ecoxoom.com *.forums.ecoxoom.com

gachonbionano.com *.gachonbionano.com *.random.gachonbionano.com *.ww16.gachonbionano.com

*.apps.l-i-t-e.com l-i-t-e.com *.l-i-t-e.com *.rd.l-i-t-e.com *.rdweb.l-i-t-e.com *.remote.l-i-t-e.com

*.git.missnewbootyla.co missnewbootyla.co *.missnewbootyla.co

*.api.nemelee.com *.assets.nemelee.com *.calendar.nemelee.com *.events.nemelee.com *.lrvfasitemap.nemelee.com nemelee.com *.nemelee.com *.portainer.nemelee.com *.preprod.nemelee.com *.sitemap.nemelee.com *.sitemaps.nemelee.com *.vbq03p.nemelee.com

*.c2.playchannellkj.icu *.flowise.playchannellkj.icu playchannellkj.icu *.playchannellkj.icu

*.app.qdm.in *.aqubmhxw.qdm.in qdm.in *.qdm.in *.shop.qdm.in

*.eqiwf.tyipo.com *.g.tyipo.com *.m.tyipo.com *.mx.tyipo.com tyipo.com *.tyipo.com *.www.tyipo.com

*.i.xn--ue2a.com *.m.xn--ue2a.com *.rd.xn--ue2a.com *.rds.xn--ue2a.com *.rdweb.xn--ue2a.com *.remote.xn--ue2a.com *.sitemaps.xn--ue2a.com *.tracking.xn--ue2a.com xn--ue2a.com *.xn--ue2a.com *.yskfxmy5528.xn--ue2a.com